Linux "Ghost" Remote Code Execution Vulnerability
freebsd at edvax.de
Thu Jan 29 02:38:49 UTC 2015
On Wed, 28 Jan 2015 14:52:47 -0500, Jerry wrote:
> Does this vulnerability affect FreeBSD?
FreeBSD's gethostbyname() is located in the standard C library,
which is libc, not glibc (that Linux is using), so probably
FreeBSD is not affected. However, programs linked against
glibc and run in the Linux ABI environment might be affected,
You can find a demonstration program here:
It's in section 4.
On my home system, I get this:
% cc -Wall -o ghost ghost.c
should not happen
Surprise: Neither "vulnerable" nor "not vulnerable" is printed.
That result is interesting. It might indicate ternary logic.
YES, NO, FILE_NOT_FOUND. :-)
Note that 4.1 explicitely talks about "The GNU C Library"
which FreeBSD does not use (or have). Section 4 mentions
other programs (such as mount.nfs, ping, procmail) for
Happy FreeBSD user since 4.0
Andra moi ennepe, Mousa, ...
More information about the freebsd-questions