### [CVE-2015-0235](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0235)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 function, aka "GHOST."

### POC

#### Reference
- http://blogs.sophos.com/2015/01/29/sophos-products-and-the-ghost-vulnerability-affecting-linux/
- http://packetstormsecurity.com/files/130171/Exim-ESMTP-GHOST-Denial-Of-Service.html
- http://packetstormsecurity.com/files/130768/EMC-Secure-Remote-Services-GHOST-SQL-Injection-Command-Injection.html
- http://packetstormsecurity.com/files/130974/Exim-GHOST-glibc-gethostbyname-Buffer-Overflow.html
- http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html
- http://packetstormsecurity.com/files/164014/Moxa-Command-Injection-Cross-Site-Scripting-Vulnerable-Software.html
- http://packetstormsecurity.com/files/167552/Nexans-FTTO-GigaSwitch-Outdated-Components-Hardcoded-Backdoor.html
- http://seclists.org/fulldisclosure/2015/Jan/111
- http://seclists.org/fulldisclosure/2019/Jun/18
- http://seclists.org/fulldisclosure/2021/Sep/0
- http://seclists.org/fulldisclosure/2022/Jun/36
- http://seclists.org/oss-sec/2015/q1/274
- http://www.openwall.com/lists/oss-security/2021/05/04/7
- http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
- http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
- http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
- http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
- http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
- http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html
- http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
- http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
- http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
- http://www.securityfocus.com/bid/91787
- https://community.qualys.com/blogs/laws-of-vulnerabilities/2015/01/27/the-ghost-vulnerability
- https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes
- https://kc.mcafee.com/corporate/index?page=content&id=SB10100
- https://seclists.org/bugtraq/2019/Jun/14
- https://security.netapp.com/advisory/ntap-20150127-0001/
- https://www.qualys.com/research/security-advisories/GHOST-CVE-2015-0235.txt

#### Github
- https://github.com/1N3/1N3
- https://github.com/1N3/Exploits
- https://github.com/1and1-serversupport/ghosttester
- https://github.com/ARPSyndicate/cvemon
- https://github.com/F88/ghostbusters15
- https://github.com/JJediny/peekr-api
- https://github.com/Sp1tF1r3/ghost-test
- https://github.com/aaronfay/CVE-2015-0235-test
- https://github.com/adherzog/ansible-CVE-2015-0235-GHOST
- https://github.com/alanmeyer/CVE-glibc
- https://github.com/arm13/ghost_exploit
- https://github.com/arthepsy/cve-tests
- https://github.com/auditt7708/rhsecapi
- https://github.com/cfengine-content/registry
- https://github.com/chayim/GHOSTCHECK-cve-2015-0235
- https://github.com/devopsguys/dataloop-checks
- https://github.com/dineshkumarc987/Exploits
- https://github.com/favoretti/lenny-libc6
- https://github.com/fser/ghost-checker
- https://github.com/koudaiii-archives/cookbook-update-glibc
- https://github.com/leoambrus/CheckersNomisec
- https://github.com/limkokholefork/GHOSTCHECK-cve-2015-0235
- https://github.com/lnick2023/nicenice
- https://github.com/makelinux/CVE-2015-0235-workaround
- https://github.com/mholzinger/CVE-2015-0235_GHOST
- https://github.com/mikesplain/CVE-2015-0235-cookbook
- https://github.com/mudongliang/LinuxFlaw
- https://github.com/nickanderson/cfengine-CVE_2015_0235
- https://github.com/oneoy/cve-
- https://github.com/pebreo/ansible-simple-example
- https://github.com/piyokango/ghost
- https://github.com/qazbnm456/awesome-cve-poc
- https://github.com/r3p3r/1N3-Exploits
- https://github.com/sUbc0ol/CVE-2015-0235
- https://github.com/sjourdan/clair-lab
- https://github.com/stokes84/CentOS7-Intial-Setup
- https://github.com/tobyzxj/CVE-2015-0235
- https://github.com/xbl3/awesome-cve-poc_qazbnm456
- https://github.com/xyongcn/exploit