Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CA+Qk1jbSf=8bHoQdw+qT7vGkRh-ZAbs4v2TLhDySUAtKeo0oEg@mail.gmail.com>
Date: Sat, 31 Jan 2015 16:11:21 +0500
From: Ammar Brohi <brohiammar@...il.com>
To: oss-security@...ts.openwall.com
Subject: Re: R: GHOST gethostbyname() heap
 overflow in glibc (CVE-2015-0235)

I wonder how to detect this vulnerability? Any remote or local script to
run?

Thanks,

On Fri, Jan 30, 2015 at 3:54 PM, linkbc02 <linkbc02@...look.com> wrote:

> |If you try upgrading glibc and the issue goes away, _that_ would be a
> |reason to suspect relevance.
>
> Hi, already done
>
>
> # rpm -q glibc
> glibc-2.12-1.132.el6_5.2.x86_64
> glibc-2.12-1.132.el6_5.2.i686
>
> # yum update glibc
>
>
> # rpm -q glibc
> glibc-2.12-1.149.el6_6.5.x86_64
> glibc-2.12-1.149.el6_6.5.i686
>
>
>
> # /etc/init.d/dovecot restart
>
>
> # telnet localhost 143
> Trying 127.0.0.1...
> Connected to localhost.
> Escape character is '^]'.
> * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE
> STARTTLS AUTH=PLAIN AUTH=LOGIN] IMAP ready.
> 1 login
>
> 00000000000000000000000000000000000000000000000000000000000000000000000000-c
> utted-
>
>
> BAD Error in IMAP command received by server.
>
> * BAD Error in IMAP command received by server.
>
>
> #dmesg doesn't show anymore segfault and core dump
>

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.