Tag Archives: glibc

CVE-2015-7547:getaddrinfo() 的 RCE (Remote Code Execution) 慘案

Google 寫了一篇關於 CVE-2015-7547 的安全性問題:「CVE-2015-7547: glibc getaddrinfo stack-based buffer overflow」。 Google 的工程師在找 OpenSSH 連到某台特定主機就會 segfault 的通靈過程中,發現問題不在 OpenSSH,而是在更底層的 glibc 導致 segfault: Recently a Google engineer noticed that their SSH client segfaulted every time they tried to connect to a specific host. That … Continue reading

Posted in Computer, DNS, Linux, Murmuring, Network, OS, Security, Software | Tagged , , , , , , , , , , , , , , , , , , , , | Leave a comment

CVE-2015-0235:讓人爆炸的「glibc gethostbyname buffer overflow」

CVE-2015-0235:glibc gethostbyname buffer overflow 的問題是: Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 function, aka … Continue reading

Posted in Computer, DNS, Linux, Murmuring, Network, OS, Security, Software | Tagged , , , , | Leave a comment

Percona Server 5.5.30-30.2 (based on MySQL 5.5.30) 的改善

Percona 在前幾天推出基於 MySQL 5.5.30 的 Percona Server 5.5.30-30.2:「Percona Server for MySQL 5.5.30-30.2 now available」。 5.5.30-30.2 這個版本引入了 jemalloc: Percona Server for MySQL will now be shipped with the libjemalloc library. Benchmark showing the impact of memory allocators on MySQL performance can … Continue reading

Posted in Computer, Database, Murmuring, MySQL, Network, Software | Tagged , , , , , , , , , | 3 Comments