Does the Ghost Vulnerability require access (as in being a logged in user) to the affected OS in question? Can someone clarify the 'remote attacker that is able to make an application call'? I only seem to find tests to run on the local system directly but not from a remote host.
All the information I have gathered so far about the Ghost Vulnerability from multiple sources (credits to those sources) I have posted below in an answer in case anyone else is curious.
Edit: I found my answer:
During a code audit Qualys researchers discovered a buffer overflow in the __nss_hostname_digits_dots() function of glibc. This bug can be triggered both locally and remotely via all the gethostbyname*() functions. Applications have access to the DNS resolver primarily through the gethostbyname*() set of functions. These functions convert a hostname into an IP address.
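Whether the bug is reachable remotely on a given system depends on which programs pass peer-supplied names to these functions. The following is an added example, not part of the original post or of the Qualys text: a small Python scanner that lists gethostbyname*() call sites in C source and marks the ones whose first argument is not a string literal. The names `find_resolver_calls` and `SAMPLE`, and the C snippet itself, are constructed for illustration.

```python
import re

# Call sites of the gethostbyname*() family; group 2 captures the first argument.
CALL = re.compile(r'\b(gethostbyname(?:2)?(?:_r)?)\s*\(\s*([^,)]*)')
TOKEN = re.compile(
    r'/\*.*?\*/|//[^\n]*'        # C comments
    r'|"(?:\\.|[^"\\\n])*"'      # string literals
    r"|'(?:\\.|[^'\\\n])*'",     # character literals
    re.S)

def _mask(match):
    """Blank comments and string contents so text inside them cannot look like a call."""
    text = match.group(0)
    if text[0] == '"':
        return '"' + '_' * (len(text) - 2) + '"'
    if text[0] == "'":
        return text
    return re.sub(r'[^\n]', ' ', text)   # keep newlines so line numbers stay valid

def find_resolver_calls(source):
    """Return (line, function, kind) for each call site found in C source text.

    kind is 'constant' when the name argument is a single string literal, and
    'review' otherwise: trace whether that argument can carry data from a peer.
    """
    masked = TOKEN.sub(_mask, source)
    hits = []
    for m in CALL.finditer(masked):
        line = masked.count('\n', 0, m.start()) + 1
        kind = 'constant' if re.fullmatch(r'"_*"', m.group(2).strip()) else 'review'
        hits.append((line, m.group(1), kind))
    return hits

# Constructed sample input (not taken from any real project).
SAMPLE = r'''
#include <netdb.h>
/* old code used gethostbyname(user) here */
static void probe(void) {
    gethostbyname("localhost");
}
void handle_request(const char *peer_supplied) {
    const char *msg = "gethostbyname(x) failed";
    struct hostent *h = gethostbyname(peer_supplied);
    struct hostent *h6 = gethostbyname2(peer_supplied, AF_INET6);
    (void)msg; (void)h; (void)h6;
}
'''

if __name__ == "__main__":
    for line, func, kind in find_resolver_calls(SAMPLE):
        print(f"line {line}: {func}() [{kind}]")
```

A 'review' result only means the argument is not a compile-time constant; whether network input actually reaches it still has to be traced by hand.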