A penetration tester wants to check manually if a `ghost` vulnerability exists in a system. Which of the following methods is the correct way to validate the vulnerability?
A.
Download the GHOST file to a Linux system and compile gcc -o GHOST test i: ./GHOST
B.
Download the GHOST file to a Windows system and compile gcc -o GHOST GHOST.c test i: ./GHOST
C.
Download the GHOST file to a Linux system and compile gcc -o GHOST GHOST.c test i: ./GHOST
D.
Download the GHOST file to a Windows system and compile gcc -o GHOST test i: ./GHOST
It should be B; HOWEVER, the system has to be linux. the answers are not written
well.
https://www.cyberciti.biz/faq/cve-2015-0235-ghost-glibc-buffer-overflow-linux-test-program/
I guess it's more like B as the command seems to be correct. Couldn't find GCC for Windows but I came across these sites and they might also work so I would pick B for this one:
https://www.guru99.com/c-gcc-install.html
http://glx.sourceforge.net/tut/gcc.html
Tricky one! For me it's a combination of B and C.
- Download the GHOST file to a Linux system and compile: gcc -o GHOST GHOST.c test i: ./GHOST
https://www.cyberciti.biz/faq/cve-2015-0235-ghost-glibc-buffer-overflow-linux-test-program/
https://www.ciscozine.com/ghost-cve-2015-0235/
upvoted 1 times
...
This section is not available anymore. Please use the main Exam Page.PT0-001 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
miabe
2 years, 9 months agoCock
3 years, 2 months agostaccata
3 years, 7 months agoCybeSecN
3 years, 8 months agokhuno
4 years, 9 months agoD1960
5 years agomr_robot
5 years agosn0wman321
5 years agodeathfrom
5 years agomr_robot
4 years, 11 months agomr_robot
5 years, 1 month ago