php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Sec Bug #68925 CVE-2015-0235 – GHOST: glibc gethostbyname buffer overflow
Submitted: 2015-01-27 21:34 UTC Modified: 2015-02-01 03:17 UTC
From: leigh@php.net Assigned: stas (profile)
Status: Closed Package: Network related
PHP Version: 5.4.37 OS: Linux glibc > 2.2
Private report: No CVE-ID: None
Anyone can comment on a bug. Have a simpler test case? Does it work for you on a different platform? Let us know!
Just going to say 'Me too!'? Don't clutter the database with that please !
Your email address:
MUST BE VALID
Solve the problem:
7 + 30 = ?
Subscribe to this entry?

 
 [2015-01-27 21:34 UTC] leigh@php.net
Description:
------------
For full details see: http://www.openwall.com/lists/oss-security/2015/01/27/9

We use this function in several places where userland input can be passed as a parameter to gethostbyname(). Given that a proof of concept RCE has been developed this could cause a potential issue for users who pass user supplied input these functions.

The Case Studies section of the oss-security link shows situations where apps are vulnerable or not.

Could someone please review http://lxr.php.net/search?q=gethostbyname&defs=&refs=&path=&hist=&project=PHP_5_6 and see if we can mitigate any potential vulnerabilities using the same techniques. 




Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2015-02-01 03:17 UTC] stas@php.net
-Status: Open +Status: Closed -Assigned To: +Assigned To: stas
 [2015-02-01 03:17 UTC] stas@php.net
The fix for this bug has been committed.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.

 For Windows:

http://windows.php.net/snapshots/
 
Thank you for the report, and for helping us make PHP better.


 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Fri Oct 04 05:01:27 2024 UTC