Vulnerabilities > CVE-2013-7423 - Code vulnerability in multiple products

The send_dg function in resolv/res_send.c in GNU C Library (aka glibc or libc6) before 2.20 does not properly reuse file descriptors, which allows remote attackers to send DNS queries to unintended locations via a large number of requests that trigger a call to the getaddrinfo function.

Vulnerable Configurations

Part	Description	Count
OS	Redhat Redhat Enterprise Linux Server AUS 6.5	1
OS	Canonical Canonical Ubuntu Linux 12.04 Canonical Ubuntu Linux 14.10 Canonical Ubuntu Linux 14.04 Canonical Ubuntu Linux 10.04	4
OS	Opensuse Opensuse Opensuse 13.1 Opensuse Opensuse 13.2	2
Application	Gnu GNU Glibc 2.3.2 GNU Glibc 2.3.3 GNU Glibc 2.3.10	3

Common Weakness Enumeration (CWE)

CWE-17 - Code

Nessus

NASL family	Red Hat Local Security Checks
NASL id	REDHAT-RHSA-2016-1207.NASL
description	An update for glibc is now available for Red Hat Enterprise Linux 6.5 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fix(es) : * It was discovered that, under certain circumstances, glibc
last seen	2020-06-01
modified	2020-06-02
plugin id	91497
published	2016-06-07
reporter	This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/91497
title	RHEL 6 : glibc (RHSA-2016:1207)
code	# # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2016:1207. The text # itself is copyright (C) Red Hat, Inc. # include("compat.inc"); if (description) { script_id(91497); script_version("2.9"); script_cvs_date("Date: 2019/10/24 15:35:41"); script_cve_id("CVE-2013-7423"); script_xref(name:"RHSA", value:"2016:1207"); script_name(english:"RHEL 6 : glibc (RHSA-2016:1207)"); script_summary(english:"Checks the rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote Red Hat host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "An update for glibc is now available for Red Hat Enterprise Linux 6.5 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fix(es) : * It was discovered that, under certain circumstances, glibc's getaddrinfo() function would send DNS queries to random file descriptors. An attacker could potentially use this flaw to send DNS queries to unintended recipients, resulting in information disclosure or data loss due to the application encountering corrupted data. (CVE-2013-7423)" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2016:1207" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2013-7423" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glibc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glibc-common"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glibc-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glibc-debuginfo-common"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glibc-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glibc-headers"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glibc-static"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glibc-utils"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:nscd"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6.5"); script_set_attribute(attribute:"vuln_publication_date", value:"2015/02/24"); script_set_attribute(attribute:"patch_publication_date", value:"2016/06/07"); script_set_attribute(attribute:"plugin_publication_date", value:"2016/06/07"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Red Hat Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) \|\| "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat"); os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat"); os_ver = os_ver[1]; if (! preg(pattern:"^6\.5([^0-9]\|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 6.5", "Red Hat " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu); yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo"); if (!empty_or_null(yum_updateinfo)) { rhsa = "RHSA-2016:1207"; yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa); if (!empty_or_null(yum_report)) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : yum_report ); exit(0); } else { audit_message = "affected by Red Hat security advisory " + rhsa; audit(AUDIT_OS_NOT, audit_message); } } else { flag = 0; if (rpm_check(release:"RHEL6", sp:"5", cpu:"i686", reference:"glibc-2.12-1.132.el6_5.8")) flag++; if (rpm_check(release:"RHEL6", sp:"5", cpu:"x86_64", reference:"glibc-2.12-1.132.el6_5.8")) flag++; if (rpm_check(release:"RHEL6", sp:"5", cpu:"x86_64", reference:"glibc-common-2.12-1.132.el6_5.8")) flag++; if (rpm_check(release:"RHEL6", sp:"5", cpu:"i686", reference:"glibc-debuginfo-2.12-1.132.el6_5.8")) flag++; if (rpm_check(release:"RHEL6", sp:"5", cpu:"x86_64", reference:"glibc-debuginfo-2.12-1.132.el6_5.8")) flag++; if (rpm_check(release:"RHEL6", sp:"5", cpu:"i686", reference:"glibc-debuginfo-common-2.12-1.132.el6_5.8")) flag++; if (rpm_check(release:"RHEL6", sp:"5", cpu:"x86_64", reference:"glibc-debuginfo-common-2.12-1.132.el6_5.8")) flag++; if (rpm_check(release:"RHEL6", sp:"5", cpu:"i686", reference:"glibc-devel-2.12-1.132.el6_5.8")) flag++; if (rpm_check(release:"RHEL6", sp:"5", cpu:"x86_64", reference:"glibc-devel-2.12-1.132.el6_5.8")) flag++; if (rpm_check(release:"RHEL6", sp:"5", cpu:"x86_64", reference:"glibc-headers-2.12-1.132.el6_5.8")) flag++; if (rpm_check(release:"RHEL6", sp:"5", cpu:"i686", reference:"glibc-static-2.12-1.132.el6_5.8")) flag++; if (rpm_check(release:"RHEL6", sp:"5", cpu:"x86_64", reference:"glibc-static-2.12-1.132.el6_5.8")) flag++; if (rpm_check(release:"RHEL6", sp:"5", cpu:"x86_64", reference:"glibc-utils-2.12-1.132.el6_5.8")) flag++; if (rpm_check(release:"RHEL6", sp:"5", cpu:"x86_64", reference:"nscd-2.12-1.132.el6_5.8")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : rpm_report_get() + redhat_report_package_caveat() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "glibc / glibc-common / glibc-debuginfo / glibc-debuginfo-common / etc"); } }

NASL family	Amazon Linux Local Security Checks
NASL id	ALA_ALAS-2015-617.NASL
description	A buffer overflow flaw was found in the way glibc
last seen	2020-06-01
modified	2020-06-02
plugin id	87343
published	2015-12-15
reporter	This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/87343
title	Amazon Linux AMI : glibc (ALAS-2015-617)

NASL family	OracleVM Local Security Checks
NASL id	ORACLEVM_OVMSA-2015-0055.NASL
description	The remote OracleVM system is missing necessary patches to address critical security updates : - Fix invalid file descriptor reuse while sending DNS query (#1207995, CVE-2013-7423). - Fix buffer overflow in gethostbyname_r with misaligned buffer (#1209375, CVE-2015-1781). - Enhance nscd to detect any configuration file changes (#1194149).
last seen	2020-06-01
modified	2020-06-02
plugin id	82983
published	2015-04-22
reporter	This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/82983
title	OracleVM 3.3 : glibc (OVMSA-2015-0055)

NASL family	Amazon Linux Local Security Checks
NASL id	ALA_ALAS-2015-513.NASL
description	A buffer overflow flaw was found in the way glibc
last seen	2020-06-01
modified	2020-06-02
plugin id	83056
published	2015-04-27
reporter	This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/83056
title	Amazon Linux AMI : glibc (ALAS-2015-513)

NASL family	Red Hat Local Security Checks
NASL id	REDHAT-RHSA-2015-2589.NASL
description	Updated glibc packages that fix multiple security issues are now available for Red Hat Enterprise Linux 7.1 Extended Update Support. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the Name Server Caching Daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. It was discovered that the nss_files backend for the Name Service Switch in glibc would return incorrect data to applications or corrupt the heap (depending on adjacent heap contents). A local attacker could potentially use this flaw to execute arbitrary code on the system. (CVE-2015-5277) It was discovered that, under certain circumstances, glibc
last seen	2020-06-01
modified	2020-06-02
plugin id	88573
published	2016-02-04
reporter	This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/88573
title	RHEL 7 : glibc (RHSA-2015:2589)

NASL family	SuSE Local Security Checks
NASL id	SUSE_SU-2015-0550-1.NASL
description	glibc has been updated to fix four security issues : - CVE-2014-0475: Directory traversal in locale environment handling (bnc#887022) - CVE-2014-7817: wordexp failed to honour WRDE_NOCMD (bsc#906371) - CVE-2014-9402: Avoid infinite loop in nss_dns getnetbyname (bsc#910599) - CVE-2015-1472: Fixed buffer overflow in wscanf (bsc#916222) This non-security issue has been fixed : - Fix missing zero termination (bnc#918233) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-06-01
modified	2020-06-02
plugin id	83704
published	2015-05-20
reporter	This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/83704
title	SUSE SLES10 Security Update : glibc (SUSE-SU-2015:0550-1)

NASL family	Oracle Linux Local Security Checks
NASL id	ORACLELINUX_ELSA-2015-2199.NASL
description	From Red Hat Security Advisory 2015:2199 : Updated glibc packages that fix multiple security issues, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the Name Server Caching Daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. It was discovered that, under certain circumstances, glibc
last seen	2020-06-01
modified	2020-06-02
plugin id	87092
published	2015-11-30
reporter	This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/87092
title	Oracle Linux 7 : glibc (ELSA-2015-2199)

NASL family	SuSE Local Security Checks
NASL id	SUSE_SU-2015-0526-1.NASL
description	glibc has been updated to fix four security issues. These security issues were fixed : - CVE-2014-7817: The wordexp function in GNU C Library (aka glibc) 2.21 did not enforce the WRDE_NOCMD flag, which allowed context-dependent attackers to execute arbitrary commands, as demonstrated by input containing
last seen	2020-06-01
modified	2020-06-02
plugin id	83701
published	2015-05-20
reporter	This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/83701
title	SUSE SLED12 / SLES12 Security Update : glibc (SUSE-SU-2015:0526-1)

NASL family	Gentoo Local Security Checks
NASL id	GENTOO_GLSA-201602-02.NASL
description	The remote host is affected by the vulnerability described in GLSA-201602-02 (GNU C Library: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in the GNU C Library: The Google Security Team and Red Hat discovered a stack-based buffer overflow in the send_dg() and send_vc() functions due to a buffer mismanagement when getaddrinfo() is called with AF_UNSPEC (CVE-2015-7547). The strftime() function access invalid memory when passed out-of-range data, resulting in a crash (CVE-2015-8776). An integer overflow was found in the __hcreate_r() function (CVE-2015-8778). Multiple unbounded stack allocations were found in the catopen() function (CVE-2015-8779). Please review the CVEs referenced below for additional vulnerabilities that had already been fixed in previous versions of sys-libs/glibc, for which we have not issued a GLSA before. Impact : A remote attacker could exploit any application which performs host name resolution using getaddrinfo() in order to execute arbitrary code or crash the application. The other vulnerabilities can possibly be exploited to cause a Denial of Service or leak information. Workaround : A number of mitigating factors for CVE-2015-7547 have been identified. Please review the upstream advisory and references below.
last seen	2020-06-01
modified	2020-06-02
plugin id	88822
published	2016-02-18
reporter	This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/88822
title	GLSA-201602-02 : GNU C Library: Multiple vulnerabilities

NASL family	Ubuntu Local Security Checks
NASL id	UBUNTU_USN-2519-1.NASL
description	Arnaud Le Blanc discovered that the GNU C Library incorrectly handled file descriptors when resolving DNS queries under high load. This may cause a denial of service in other applications, or an information leak. This issue only affected Ubuntu 10.04 LTS, Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2013-7423) It was discovered that the GNU C Library incorrectly handled receiving a positive answer while processing the network name when performing DNS resolution. A remote attacker could use this issue to cause the GNU C Library to hang, resulting in a denial of service. (CVE-2014-9402) Joseph Myers discovered that the GNU C Library wscanf function incorrectly handled memory. A remote attacker could possibly use this issue to cause the GNU C Library to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu 14.10. (CVE-2015-1472, CVE-2015-1473). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-06-01
modified	2020-06-02
plugin id	81572
published	2015-02-27
reporter	Ubuntu Security Notice (C) 2015-2019 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/81572
title	Ubuntu 10.04 LTS / 12.04 LTS / 14.04 LTS / 14.10 : eglibc, glibc vulnerabilities (USN-2519-1)

NASL family	OracleVM Local Security Checks
NASL id	ORACLEVM_OVMSA-2016-0013.NASL
description	The remote OracleVM system is missing necessary patches to address critical security updates : - Update fix for CVE-2015-7547 (#1296028). - Create helper threads with enough stack for POSIX AIO and timers (#1301625). - Fix CVE-2015-7547: getaddrinfo stack-based buffer overflow (#1296028). - Support loading more libraries with static TLS (#1291270). - Check for NULL arena pointer in _int_pvalloc (#1256890). - Don
last seen	2020-06-01
modified	2020-06-02
plugin id	88783
published	2016-02-17
reporter	This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/88783
title	OracleVM 3.3 : glibc (OVMSA-2016-0013) (GHOST)

NASL family	CentOS Local Security Checks
NASL id	CENTOS_RHSA-2015-0863.NASL
description	Updated glibc packages that fix two security issues and one bug are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the Name Server Caching Daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. A buffer overflow flaw was found in the way glibc
last seen	2020-06-01
modified	2020-06-02
plugin id	82928
published	2015-04-22
reporter	This script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/82928
title	CentOS 6 : glibc (CESA-2015:0863)

NASL family	CentOS Local Security Checks
NASL id	CENTOS_RHSA-2015-2199.NASL
description	Updated glibc packages that fix multiple security issues, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the Name Server Caching Daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. It was discovered that, under certain circumstances, glibc
last seen	2020-06-01
modified	2020-06-02
plugin id	87142
published	2015-12-02
reporter	This script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/87142
title	CentOS 7 : glibc (CESA-2015:2199)

NASL family	SuSE Local Security Checks
NASL id	SUSE_SU-2015-0551-1.NASL
description	glibc has been updated to fix four security issues : - CVE-2014-0475: Directory traversal in locale environment handling (bnc#887022) - CVE-2014-7817: wordexp failed to honour WRDE_NOCMD (bsc#906371) - CVE-2014-9402: Avoid infinite loop in nss_dns getnetbyname (bsc#910599) - CVE-2015-1472: Fixed buffer overflow in wscanf (bsc#916222) - CVE-2013-7423: getaddrinfo() wrote DNS queries to random file descriptors under high load. (bnc#915526) The update package also includes non-security fixes. See advisory for details. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-06-01
modified	2020-06-02
plugin id	83705
published	2015-05-20
reporter	This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/83705
title	SUSE SLES11 Security Update : glibc (SUSE-SU-2015:0551-1)

NASL family	Scientific Linux Local Security Checks
NASL id	SL_20151119_GLIBC_ON_SL7_X.NASL
description	It was discovered that, under certain circumstances, glibc
last seen	2020-03-18
modified	2015-12-22
plugin id	87556
published	2015-12-22
reporter	This script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/87556
title	Scientific Linux Security Update : glibc on SL7.x x86_64 (20151119)

NASL family	Mandriva Local Security Checks
NASL id	MANDRIVA_MDVSA-2015-218.NASL
description	Multiple vulnerabilities has been found and corrected in glibc : It was discovered that, under certain circumstances, glibc
last seen	2020-06-01
modified	2020-06-02
plugin id	83170
published	2015-05-01
reporter	This script is Copyright (C) 2015-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/83170
title	Mandriva Linux Security Advisory : glibc (MDVSA-2015:218)

NASL family	SuSE Local Security Checks
NASL id	SUSE_11_GLIBC-150226.NASL
description	glibc has ben updated to fix three security issues : - wordexp failed to honour WRDE_NOCMD (bsc#906371). (CVE-2014-7817) - Fixed invalid file descriptor reuse while sending DNS query (bsc#915526). (CVE-2013-7423) - Fixed buffer overflow in wscanf (bsc#916222) These non-security issues have been fixed:. (CVE-2015-1472) - Remove inaccurate assembler implementations of ceill, floorl, nearbyintl, roundl, truncl for PowerPC64 (bsc#917072) - Don
last seen	2020-06-01
modified	2020-06-02
plugin id	81667
published	2015-03-06
reporter	This script is Copyright (C) 2015-2016 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/81667
title	SuSE 11.3 Security Update : glibc (SAT Patch Number 10357)

NASL family	Huawei Local Security Checks
NASL id	EULEROS_SA-2019-1552.NASL
description	According to the versions of the glibc packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - It was discovered that the nss_files backend for the Name Service Switch in glibc would return incorrect data to applications or corrupt the heap (depending on adjacent heap contents). A local attacker could potentially use this flaw to execute arbitrary code on the system.(CVE-2015-5277) - A directory traveral flaw was found in the way glibc loaded locale files. An attacker able to make an application use a specially crafted locale name value (for example, specified in an LC_* environment variable) could possibly use this flaw to execute arbitrary code with the privileges of that application.(CVE-2014-0475) - It was found that out-of-range time values passed to the strftime() function could result in an out-of-bounds memory access. This could lead to application crash or, potentially, information disclosure.(CVE-2015-8776) - The GNU C Library (aka glibc or libc6) before 2.27 contains an off-by-one error leading to a heap-based buffer overflow in the glob function in glob.c, related to the processing of home directories using the ~ operator followed by a long string.(CVE-2017-15670) - The PTR_MANGLE implementation in the GNU C Library (aka glibc or libc6) 2.4, 2.17, and earlier, and Embedded GLIBC (EGLIBC) does not initialize the random value for the pointer guard, which makes it easier for context-dependent attackers to control execution flow by leveraging a buffer-overflow vulnerability in an application and using the known zero value pointer guard to calculate a pointer address.(CVE-2013-4788) - An out-of-bounds read flaw was found in the way glibc
last seen	2020-06-01
modified	2020-06-02
plugin id	125005
published	2019-05-14
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/125005
title	EulerOS Virtualization 3.0.1.0 : glibc (EulerOS-SA-2019-1552)

NASL family	Oracle Linux Local Security Checks
NASL id	ORACLELINUX_ELSA-2015-0863.NASL
description	From Red Hat Security Advisory 2015:0863 : Updated glibc packages that fix two security issues and one bug are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the Name Server Caching Daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. A buffer overflow flaw was found in the way glibc
last seen	2020-06-01
modified	2020-06-02
plugin id	82980
published	2015-04-22
reporter	This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/82980
title	Oracle Linux 6 : glibc (ELSA-2015-0863)

NASL family	Red Hat Local Security Checks
NASL id	REDHAT-RHSA-2015-2199.NASL
description	Updated glibc packages that fix multiple security issues, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the Name Server Caching Daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. It was discovered that, under certain circumstances, glibc
last seen	2020-06-01
modified	2020-06-02
plugin id	86937
published	2015-11-19
reporter	This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/86937
title	RHEL 7 : glibc (RHSA-2015:2199)

NASL family	SuSE Local Security Checks
NASL id	OPENSUSE-2015-173.NASL
description	Glibc was updated to fix several security issues. - Avoid infinite loop in nss_dns getnetbyname (CVE-2014-9402, bsc#910599, BZ #17630) - wordexp fails to honour WRDE_NOCMD (CVE-2014-7817, bsc#906371, BZ #17625) - Fix invalid file descriptor reuse while sending DNS query (CVE-2013-7423, bsc#915526, BZ #15946) - Fix buffer overflow in wscanf (CVE-2015-1472, bsc#916222, BZ #16618)
last seen	2020-06-05
modified	2015-02-27
plugin id	81560
published	2015-02-27
reporter	This script is Copyright (C) 2015-2020 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/81560
title	openSUSE Security Update : glibc (openSUSE-2015-173)

NASL family	Scientific Linux Local Security Checks
NASL id	SL_20150421_GLIBC_ON_SL6_X.NASL
description	A buffer overflow flaw was found in the way glibc
last seen	2020-03-18
modified	2015-04-22
plugin id	82987
published	2015-04-22
reporter	This script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/82987
title	Scientific Linux Security Update : glibc on SL6.x i386/x86_64 (20150421)

NASL family	Debian Local Security Checks
NASL id	DEBIAN_DLA-165.NASL
description	Several vulnerabilities have been fixed in eglibc, Debian
last seen	2020-03-17
modified	2015-03-26
plugin id	82149
published	2015-03-26
reporter	This script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/82149
title	Debian DLA-165-1 : eglibc security update

NASL family	Red Hat Local Security Checks
NASL id	REDHAT-RHSA-2015-0863.NASL
description	Updated glibc packages that fix two security issues and one bug are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the Name Server Caching Daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. A buffer overflow flaw was found in the way glibc
last seen	2020-06-01
modified	2020-06-02
plugin id	82984
published	2015-04-22
reporter	This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/82984
title	RHEL 6 : glibc (RHSA-2015:0863)

Redhat

advisories

rhsa
id RHSA-2015:0863
rhsa
id RHSA-2016:1207

rpms

glibc-0:2.12-1.149.el6_6.7
glibc-common-0:2.12-1.149.el6_6.7
glibc-debuginfo-0:2.12-1.149.el6_6.7
glibc-debuginfo-common-0:2.12-1.149.el6_6.7
glibc-devel-0:2.12-1.149.el6_6.7
glibc-headers-0:2.12-1.149.el6_6.7
glibc-static-0:2.12-1.149.el6_6.7
glibc-utils-0:2.12-1.149.el6_6.7
nscd-0:2.12-1.149.el6_6.7
glibc-0:2.17-105.el7
glibc-common-0:2.17-105.el7
glibc-debuginfo-0:2.17-105.el7
glibc-debuginfo-common-0:2.17-105.el7
glibc-devel-0:2.17-105.el7
glibc-headers-0:2.17-105.el7
glibc-static-0:2.17-105.el7
glibc-utils-0:2.17-105.el7
nscd-0:2.17-105.el7
glibc-0:2.17-79.ael7b_1
glibc-0:2.17-79.el7_1
glibc-common-0:2.17-79.ael7b_1
glibc-common-0:2.17-79.el7_1
glibc-debuginfo-0:2.17-79.ael7b_1
glibc-debuginfo-0:2.17-79.el7_1
glibc-debuginfo-common-0:2.17-79.ael7b_1
glibc-debuginfo-common-0:2.17-79.el7_1
glibc-devel-0:2.17-79.ael7b_1
glibc-devel-0:2.17-79.el7_1
glibc-headers-0:2.17-79.ael7b_1
glibc-headers-0:2.17-79.el7_1
glibc-static-0:2.17-79.ael7b_1
glibc-static-0:2.17-79.el7_1
glibc-utils-0:2.17-79.ael7b_1
glibc-utils-0:2.17-79.el7_1
nscd-0:2.17-79.ael7b_1
nscd-0:2.17-79.el7_1
glibc-0:2.12-1.132.el6_5.8
glibc-common-0:2.12-1.132.el6_5.8
glibc-debuginfo-0:2.12-1.132.el6_5.8
glibc-debuginfo-common-0:2.12-1.132.el6_5.8
glibc-devel-0:2.12-1.132.el6_5.8
glibc-headers-0:2.12-1.132.el6_5.8
glibc-static-0:2.12-1.132.el6_5.8
glibc-utils-0:2.12-1.132.el6_5.8
nscd-0:2.12-1.132.el6_5.8

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Nessus

Redhat

References