Article ID: 124316, created on Jan 28, 2015, last review on Jan 28, 2015

Applies to:

  • Operations Automation
  • Business Automation


During a code audit performed internally at Qualys, a heap-based buffer overflow was found in glibc's __nss_hostname_digits_dots() function, which is used by the gethostbyname() and gethostbyname2() glibc function calls.


There is a remote code execution risk due to this vulnerability. An attacker who exploits this issue can gain complete control of the compromised system.

More information about CVE-2015-0235 can be found on the Qualys Blog and on the Openwall website.


To close the vulnerability, install the latest available version of glibc from the OS vendor repository on every Linux server in the infrastructure.

Call to action

  1. Update the glibc package on every Linux host in the infrastructure:

    yum update glibc

  2. Restart network services that have external access (for example Apache, SSH, MySQL, pem, pemui) so that they load the updated library.
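
To see which services step 2 still applies to, the script below (an added example, not part of the original article) lists processes that still map the pre-update glibc, which the kernel marks `(deleted)` in `/proc/<pid>/maps`. The function names are hypothetical; run it as root after `yum update glibc` so that every process's maps file is readable.

```bash
#!/bin/sh
# Added example: find processes still running against the pre-update glibc.
# When the package update replaces libc on disk, an already running process
# keeps the old file mapped, and the kernel appends "(deleted)" to that
# mapping's path in /proc/<pid>/maps.

# maps_has_stale_libc FILE
# Succeeds if the maps-format FILE has a libc mapping marked "(deleted)".
# Matches libc-2.12.so and libc.so.6 style names, but not e.g. libcrypto.
maps_has_stale_libc() {
    grep -Eq '/libc(-[0-9.]+)?\.so[^ /]* \(deleted\)$' "$1" 2>/dev/null
}

# stale_libc_pids [PROC_ROOT]
# Prints "PID NAME" for each process under PROC_ROOT (default /proc) that
# still maps a deleted libc. These are the services left to restart.
stale_libc_pids() {
    root="${1:-/proc}"
    for dir in "$root"/[0-9]*; do
        [ -r "$dir/maps" ] || continue
        if maps_has_stale_libc "$dir/maps"; then
            name="$(cat "$dir/comm" 2>/dev/null || echo '?')"
            printf '%s %s\n' "${dir##*/}" "$name"
        fi
    done
}

# Scan the live system. Empty output: no readable process maps a deleted libc.
stale_libc_pids /proc
```

Restart each listed service and run the scan again until it prints nothing.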
