GHOST gethostbyname() heap overflow in glibc (CVE-2015-0235)

  Severity: HIGH
  CVE Identifier: CVE-2015-0235
  Advisory Date: JAN 28, 2015

  DESCRIPTION

Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 function, aka "GHOST."