Page tree
Skip to end of metadata
Go to start of metadata

Last updated: Sep 13, 2017 13:49

Ghost Vulnerability - glibc vulnerability (CVE-2015-0235)

By Gregory Johnson

Background Information

GHOST is a 'buffer overflow' bug affecting the gethostbyname() and gethostbyname2()function calls in the glibc library. This vulnerability allows a remote attacker that is able to make an application call to either of these functions to execute arbitrary code with the permissions of the user running the application.

Impact

The gethostbyname() function calls are used for DNS resolving, which is a very common event. To exploit this vulnerability, an attacker must trigger a buffer overflow by supplying an invalid hostname argument to an application that performs a DNS resolution.

Bottom Line

Recent vulnerability scans reveal PM systems are not vulnerable. This may not remain the case as vulnerabilities tend to morph or evolve over time. Therefore, Perfecto Mobile will continue to monitor this issue closely. Customers requiring updates on this issue can be directed to our Support and Security teams as necessary.

More information on Ghost can be found here:

 

Information on Ghost from Redhat

 

All You Need to Know About Ghost - Tech Radar


 

NIST Special Publication Mobile App Security Vetting Guide

 


The National Institute of Standards and Technology releases Mobile Application Security Vetting Guide.

 

The full guide can be found here: http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-163.pdf

 

Abstract

 

The purpose of this document is to help organizations (1) understand the process for vetting the security of mobile applications, (2) plan for the implementation of an app vetting process, (3) develop app security requirements, (4) understand the types of app vulnerabilities and the testing methods used to detect those vulnerabilities, and (5) determine if an app is acceptable for deployment on the organization's mobile devices.