CVE-2015-0235 - GHOST

Vladimir Getmanshchuk vladget at
Wed Jan 28 08:38:45 UTC 2015


Here is a list of potential targets that we investigated (they all call

*gethostbyname*, one way or another), but to the best of our knowledge,

the buffer overflow cannot be triggered in any of them:

apache, cups, dovecot, gnupg, isc-dhcp, lighttpd, mariadb/mysql,

nfs-utils, *nginx*, nodejs, openldap, openssh, postfix, proftpd,

pure-ftpd, rsyslog, samba, sendmail, sysklogd, syslog-ng, tcp_wrappers,

vsftpd, xinetd.

Yours sincerely,
Vladimir Getmanshchuk
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

Подробная информация о списке рассылки nginx-ru