Vulnerabilities > CVE-2013-7423 - Code vulnerability in multiple products
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
The send_dg function in resolv/res_send.c in GNU C Library (aka glibc or libc6) before 2.20 does not properly reuse file descriptors, which allows remote attackers to send DNS queries to unintended locations via a large number of requests that trigger a call to the getaddrinfo function.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Nessus
NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2016-1207.NASL description An update for glibc is now available for Red Hat Enterprise Linux 6.5 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fix(es) : * It was discovered that, under certain circumstances, glibc last seen 2020-06-01 modified 2020-06-02 plugin id 91497 published 2016-06-07 reporter This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/91497 title RHEL 6 : glibc (RHSA-2016:1207) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2016:1207. The text # itself is copyright (C) Red Hat, Inc. # include("compat.inc"); if (description) { script_id(91497); script_version("2.9"); script_cvs_date("Date: 2019/10/24 15:35:41"); script_cve_id("CVE-2013-7423"); script_xref(name:"RHSA", value:"2016:1207"); script_name(english:"RHEL 6 : glibc (RHSA-2016:1207)"); script_summary(english:"Checks the rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote Red Hat host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "An update for glibc is now available for Red Hat Enterprise Linux 6.5 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fix(es) : * It was discovered that, under certain circumstances, glibc's getaddrinfo() function would send DNS queries to random file descriptors. An attacker could potentially use this flaw to send DNS queries to unintended recipients, resulting in information disclosure or data loss due to the application encountering corrupted data. (CVE-2013-7423)" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2016:1207" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2013-7423" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glibc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glibc-common"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glibc-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glibc-debuginfo-common"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glibc-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glibc-headers"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glibc-static"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glibc-utils"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:nscd"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6.5"); script_set_attribute(attribute:"vuln_publication_date", value:"2015/02/24"); script_set_attribute(attribute:"patch_publication_date", value:"2016/06/07"); script_set_attribute(attribute:"plugin_publication_date", value:"2016/06/07"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Red Hat Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat"); os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat"); os_ver = os_ver[1]; if (! preg(pattern:"^6\.5([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 6.5", "Red Hat " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu); yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo"); if (!empty_or_null(yum_updateinfo)) { rhsa = "RHSA-2016:1207"; yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa); if (!empty_or_null(yum_report)) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : yum_report ); exit(0); } else { audit_message = "affected by Red Hat security advisory " + rhsa; audit(AUDIT_OS_NOT, audit_message); } } else { flag = 0; if (rpm_check(release:"RHEL6", sp:"5", cpu:"i686", reference:"glibc-2.12-1.132.el6_5.8")) flag++; if (rpm_check(release:"RHEL6", sp:"5", cpu:"x86_64", reference:"glibc-2.12-1.132.el6_5.8")) flag++; if (rpm_check(release:"RHEL6", sp:"5", cpu:"x86_64", reference:"glibc-common-2.12-1.132.el6_5.8")) flag++; if (rpm_check(release:"RHEL6", sp:"5", cpu:"i686", reference:"glibc-debuginfo-2.12-1.132.el6_5.8")) flag++; if (rpm_check(release:"RHEL6", sp:"5", cpu:"x86_64", reference:"glibc-debuginfo-2.12-1.132.el6_5.8")) flag++; if (rpm_check(release:"RHEL6", sp:"5", cpu:"i686", reference:"glibc-debuginfo-common-2.12-1.132.el6_5.8")) flag++; if (rpm_check(release:"RHEL6", sp:"5", cpu:"x86_64", reference:"glibc-debuginfo-common-2.12-1.132.el6_5.8")) flag++; if (rpm_check(release:"RHEL6", sp:"5", cpu:"i686", reference:"glibc-devel-2.12-1.132.el6_5.8")) flag++; if (rpm_check(release:"RHEL6", sp:"5", cpu:"x86_64", reference:"glibc-devel-2.12-1.132.el6_5.8")) flag++; if (rpm_check(release:"RHEL6", sp:"5", cpu:"x86_64", reference:"glibc-headers-2.12-1.132.el6_5.8")) flag++; if (rpm_check(release:"RHEL6", sp:"5", cpu:"i686", reference:"glibc-static-2.12-1.132.el6_5.8")) flag++; if (rpm_check(release:"RHEL6", sp:"5", cpu:"x86_64", reference:"glibc-static-2.12-1.132.el6_5.8")) flag++; if (rpm_check(release:"RHEL6", sp:"5", cpu:"x86_64", reference:"glibc-utils-2.12-1.132.el6_5.8")) flag++; if (rpm_check(release:"RHEL6", sp:"5", cpu:"x86_64", reference:"nscd-2.12-1.132.el6_5.8")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : rpm_report_get() + redhat_report_package_caveat() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "glibc / glibc-common / glibc-debuginfo / glibc-debuginfo-common / etc"); } }NASL family Amazon Linux Local Security Checks NASL id ALA_ALAS-2015-617.NASL description A buffer overflow flaw was found in the way glibc last seen 2020-06-01 modified 2020-06-02 plugin id 87343 published 2015-12-15 reporter This script is Copyright (C) 2015-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/87343 title Amazon Linux AMI : glibc (ALAS-2015-617) NASL family OracleVM Local Security Checks NASL id ORACLEVM_OVMSA-2015-0055.NASL description The remote OracleVM system is missing necessary patches to address critical security updates : - Fix invalid file descriptor reuse while sending DNS query (#1207995, CVE-2013-7423). - Fix buffer overflow in gethostbyname_r with misaligned buffer (#1209375, CVE-2015-1781). - Enhance nscd to detect any configuration file changes (#1194149). last seen 2020-06-01 modified 2020-06-02 plugin id 82983 published 2015-04-22 reporter This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/82983 title OracleVM 3.3 : glibc (OVMSA-2015-0055) NASL family Amazon Linux Local Security Checks NASL id ALA_ALAS-2015-513.NASL description A buffer overflow flaw was found in the way glibc last seen 2020-06-01 modified 2020-06-02 plugin id 83056 published 2015-04-27 reporter This script is Copyright (C) 2015-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/83056 title Amazon Linux AMI : glibc (ALAS-2015-513) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2015-2589.NASL description Updated glibc packages that fix multiple security issues are now available for Red Hat Enterprise Linux 7.1 Extended Update Support. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the Name Server Caching Daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. It was discovered that the nss_files backend for the Name Service Switch in glibc would return incorrect data to applications or corrupt the heap (depending on adjacent heap contents). A local attacker could potentially use this flaw to execute arbitrary code on the system. (CVE-2015-5277) It was discovered that, under certain circumstances, glibc last seen 2020-06-01 modified 2020-06-02 plugin id 88573 published 2016-02-04 reporter This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/88573 title RHEL 7 : glibc (RHSA-2015:2589) NASL family SuSE Local Security Checks NASL id SUSE_SU-2015-0550-1.NASL description glibc has been updated to fix four security issues : - CVE-2014-0475: Directory traversal in locale environment handling (bnc#887022) - CVE-2014-7817: wordexp failed to honour WRDE_NOCMD (bsc#906371) - CVE-2014-9402: Avoid infinite loop in nss_dns getnetbyname (bsc#910599) - CVE-2015-1472: Fixed buffer overflow in wscanf (bsc#916222) This non-security issue has been fixed : - Fix missing zero termination (bnc#918233) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 83704 published 2015-05-20 reporter This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/83704 title SUSE SLES10 Security Update : glibc (SUSE-SU-2015:0550-1) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2015-2199.NASL description From Red Hat Security Advisory 2015:2199 : Updated glibc packages that fix multiple security issues, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the Name Server Caching Daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. It was discovered that, under certain circumstances, glibc last seen 2020-06-01 modified 2020-06-02 plugin id 87092 published 2015-11-30 reporter This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/87092 title Oracle Linux 7 : glibc (ELSA-2015-2199) NASL family SuSE Local Security Checks NASL id SUSE_SU-2015-0526-1.NASL description glibc has been updated to fix four security issues. These security issues were fixed : - CVE-2014-7817: The wordexp function in GNU C Library (aka glibc) 2.21 did not enforce the WRDE_NOCMD flag, which allowed context-dependent attackers to execute arbitrary commands, as demonstrated by input containing last seen 2020-06-01 modified 2020-06-02 plugin id 83701 published 2015-05-20 reporter This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/83701 title SUSE SLED12 / SLES12 Security Update : glibc (SUSE-SU-2015:0526-1) NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201602-02.NASL description The remote host is affected by the vulnerability described in GLSA-201602-02 (GNU C Library: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in the GNU C Library: The Google Security Team and Red Hat discovered a stack-based buffer overflow in the send_dg() and send_vc() functions due to a buffer mismanagement when getaddrinfo() is called with AF_UNSPEC (CVE-2015-7547). The strftime() function access invalid memory when passed out-of-range data, resulting in a crash (CVE-2015-8776). An integer overflow was found in the __hcreate_r() function (CVE-2015-8778). Multiple unbounded stack allocations were found in the catopen() function (CVE-2015-8779). Please review the CVEs referenced below for additional vulnerabilities that had already been fixed in previous versions of sys-libs/glibc, for which we have not issued a GLSA before. Impact : A remote attacker could exploit any application which performs host name resolution using getaddrinfo() in order to execute arbitrary code or crash the application. The other vulnerabilities can possibly be exploited to cause a Denial of Service or leak information. Workaround : A number of mitigating factors for CVE-2015-7547 have been identified. Please review the upstream advisory and references below. last seen 2020-06-01 modified 2020-06-02 plugin id 88822 published 2016-02-18 reporter This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/88822 title GLSA-201602-02 : GNU C Library: Multiple vulnerabilities NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-2519-1.NASL description Arnaud Le Blanc discovered that the GNU C Library incorrectly handled file descriptors when resolving DNS queries under high load. This may cause a denial of service in other applications, or an information leak. This issue only affected Ubuntu 10.04 LTS, Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2013-7423) It was discovered that the GNU C Library incorrectly handled receiving a positive answer while processing the network name when performing DNS resolution. A remote attacker could use this issue to cause the GNU C Library to hang, resulting in a denial of service. (CVE-2014-9402) Joseph Myers discovered that the GNU C Library wscanf function incorrectly handled memory. A remote attacker could possibly use this issue to cause the GNU C Library to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu 14.10. (CVE-2015-1472, CVE-2015-1473). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 81572 published 2015-02-27 reporter Ubuntu Security Notice (C) 2015-2019 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/81572 title Ubuntu 10.04 LTS / 12.04 LTS / 14.04 LTS / 14.10 : eglibc, glibc vulnerabilities (USN-2519-1) NASL family OracleVM Local Security Checks NASL id ORACLEVM_OVMSA-2016-0013.NASL description The remote OracleVM system is missing necessary patches to address critical security updates : - Update fix for CVE-2015-7547 (#1296028). - Create helper threads with enough stack for POSIX AIO and timers (#1301625). - Fix CVE-2015-7547: getaddrinfo stack-based buffer overflow (#1296028). - Support loading more libraries with static TLS (#1291270). - Check for NULL arena pointer in _int_pvalloc (#1256890). - Don last seen 2020-06-01 modified 2020-06-02 plugin id 88783 published 2016-02-17 reporter This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/88783 title OracleVM 3.3 : glibc (OVMSA-2016-0013) (GHOST) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2015-0863.NASL description Updated glibc packages that fix two security issues and one bug are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the Name Server Caching Daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. A buffer overflow flaw was found in the way glibc last seen 2020-06-01 modified 2020-06-02 plugin id 82928 published 2015-04-22 reporter This script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/82928 title CentOS 6 : glibc (CESA-2015:0863) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2015-2199.NASL description Updated glibc packages that fix multiple security issues, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the Name Server Caching Daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. It was discovered that, under certain circumstances, glibc last seen 2020-06-01 modified 2020-06-02 plugin id 87142 published 2015-12-02 reporter This script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/87142 title CentOS 7 : glibc (CESA-2015:2199) NASL family SuSE Local Security Checks NASL id SUSE_SU-2015-0551-1.NASL description glibc has been updated to fix four security issues : - CVE-2014-0475: Directory traversal in locale environment handling (bnc#887022) - CVE-2014-7817: wordexp failed to honour WRDE_NOCMD (bsc#906371) - CVE-2014-9402: Avoid infinite loop in nss_dns getnetbyname (bsc#910599) - CVE-2015-1472: Fixed buffer overflow in wscanf (bsc#916222) - CVE-2013-7423: getaddrinfo() wrote DNS queries to random file descriptors under high load. (bnc#915526) The update package also includes non-security fixes. See advisory for details. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 83705 published 2015-05-20 reporter This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/83705 title SUSE SLES11 Security Update : glibc (SUSE-SU-2015:0551-1) NASL family Scientific Linux Local Security Checks NASL id SL_20151119_GLIBC_ON_SL7_X.NASL description It was discovered that, under certain circumstances, glibc last seen 2020-03-18 modified 2015-12-22 plugin id 87556 published 2015-12-22 reporter This script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/87556 title Scientific Linux Security Update : glibc on SL7.x x86_64 (20151119) NASL family Mandriva Local Security Checks NASL id MANDRIVA_MDVSA-2015-218.NASL description Multiple vulnerabilities has been found and corrected in glibc : It was discovered that, under certain circumstances, glibc last seen 2020-06-01 modified 2020-06-02 plugin id 83170 published 2015-05-01 reporter This script is Copyright (C) 2015-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/83170 title Mandriva Linux Security Advisory : glibc (MDVSA-2015:218) NASL family SuSE Local Security Checks NASL id SUSE_11_GLIBC-150226.NASL description glibc has ben updated to fix three security issues : - wordexp failed to honour WRDE_NOCMD (bsc#906371). (CVE-2014-7817) - Fixed invalid file descriptor reuse while sending DNS query (bsc#915526). (CVE-2013-7423) - Fixed buffer overflow in wscanf (bsc#916222) These non-security issues have been fixed:. (CVE-2015-1472) - Remove inaccurate assembler implementations of ceill, floorl, nearbyintl, roundl, truncl for PowerPC64 (bsc#917072) - Don last seen 2020-06-01 modified 2020-06-02 plugin id 81667 published 2015-03-06 reporter This script is Copyright (C) 2015-2016 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/81667 title SuSE 11.3 Security Update : glibc (SAT Patch Number 10357) NASL family Huawei Local Security Checks NASL id EULEROS_SA-2019-1552.NASL description According to the versions of the glibc packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - It was discovered that the nss_files backend for the Name Service Switch in glibc would return incorrect data to applications or corrupt the heap (depending on adjacent heap contents). A local attacker could potentially use this flaw to execute arbitrary code on the system.(CVE-2015-5277) - A directory traveral flaw was found in the way glibc loaded locale files. An attacker able to make an application use a specially crafted locale name value (for example, specified in an LC_* environment variable) could possibly use this flaw to execute arbitrary code with the privileges of that application.(CVE-2014-0475) - It was found that out-of-range time values passed to the strftime() function could result in an out-of-bounds memory access. This could lead to application crash or, potentially, information disclosure.(CVE-2015-8776) - The GNU C Library (aka glibc or libc6) before 2.27 contains an off-by-one error leading to a heap-based buffer overflow in the glob function in glob.c, related to the processing of home directories using the ~ operator followed by a long string.(CVE-2017-15670) - The PTR_MANGLE implementation in the GNU C Library (aka glibc or libc6) 2.4, 2.17, and earlier, and Embedded GLIBC (EGLIBC) does not initialize the random value for the pointer guard, which makes it easier for context-dependent attackers to control execution flow by leveraging a buffer-overflow vulnerability in an application and using the known zero value pointer guard to calculate a pointer address.(CVE-2013-4788) - An out-of-bounds read flaw was found in the way glibc last seen 2020-06-01 modified 2020-06-02 plugin id 125005 published 2019-05-14 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/125005 title EulerOS Virtualization 3.0.1.0 : glibc (EulerOS-SA-2019-1552) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2015-0863.NASL description From Red Hat Security Advisory 2015:0863 : Updated glibc packages that fix two security issues and one bug are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the Name Server Caching Daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. A buffer overflow flaw was found in the way glibc last seen 2020-06-01 modified 2020-06-02 plugin id 82980 published 2015-04-22 reporter This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/82980 title Oracle Linux 6 : glibc (ELSA-2015-0863) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2015-2199.NASL description Updated glibc packages that fix multiple security issues, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the Name Server Caching Daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. It was discovered that, under certain circumstances, glibc last seen 2020-06-01 modified 2020-06-02 plugin id 86937 published 2015-11-19 reporter This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/86937 title RHEL 7 : glibc (RHSA-2015:2199) NASL family SuSE Local Security Checks NASL id OPENSUSE-2015-173.NASL description Glibc was updated to fix several security issues. - Avoid infinite loop in nss_dns getnetbyname (CVE-2014-9402, bsc#910599, BZ #17630) - wordexp fails to honour WRDE_NOCMD (CVE-2014-7817, bsc#906371, BZ #17625) - Fix invalid file descriptor reuse while sending DNS query (CVE-2013-7423, bsc#915526, BZ #15946) - Fix buffer overflow in wscanf (CVE-2015-1472, bsc#916222, BZ #16618) last seen 2020-06-05 modified 2015-02-27 plugin id 81560 published 2015-02-27 reporter This script is Copyright (C) 2015-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/81560 title openSUSE Security Update : glibc (openSUSE-2015-173) NASL family Scientific Linux Local Security Checks NASL id SL_20150421_GLIBC_ON_SL6_X.NASL description A buffer overflow flaw was found in the way glibc last seen 2020-03-18 modified 2015-04-22 plugin id 82987 published 2015-04-22 reporter This script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/82987 title Scientific Linux Security Update : glibc on SL6.x i386/x86_64 (20150421) NASL family Debian Local Security Checks NASL id DEBIAN_DLA-165.NASL description Several vulnerabilities have been fixed in eglibc, Debian last seen 2020-03-17 modified 2015-03-26 plugin id 82149 published 2015-03-26 reporter This script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/82149 title Debian DLA-165-1 : eglibc security update NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2015-0863.NASL description Updated glibc packages that fix two security issues and one bug are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the Name Server Caching Daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. A buffer overflow flaw was found in the way glibc last seen 2020-06-01 modified 2020-06-02 plugin id 82984 published 2015-04-22 reporter This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/82984 title RHEL 6 : glibc (RHSA-2015:0863)
Redhat
| advisories |
| ||||||||
| rpms |
|
References
- http://www.openwall.com/lists/oss-security/2015/01/28/20
- https://github.com/golang/go/issues/6336
- http://lists.opensuse.org/opensuse-updates/2015-02/msg00089.html
- https://sourceware.org/bugzilla/show_bug.cgi?id=15946
- http://www.ubuntu.com/usn/USN-2519-1
- http://www.securityfocus.com/bid/72844
- https://security.gentoo.org/glsa/201602-02
- https://access.redhat.com/errata/RHSA-2016:1207
- http://rhn.redhat.com/errata/RHSA-2015-0863.html
- http://seclists.org/fulldisclosure/2021/Sep/0
- http://packetstormsecurity.com/files/164014/Moxa-Command-Injection-Cross-Site-Scripting-Vulnerable-Software.html