Vulnerabilities > CVE-2016-3075 - Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
network
low complexity
opensuse
gnu
fedoraproject
canonical
CWE-119
nessus

Summary

Stack-based buffer overflow in the nss_dns implementation of the getnetbyname function in GNU C Library (aka glibc) before 2.24 allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via a long name.

Vulnerable Configurations

Part Description Count
OS
Opensuse
1
OS
Fedoraproject
1
OS
Canonical
3
Application
Gnu
117

Common Attack Pattern Enumeration and Classification (CAPEC)

  • Buffer Overflow via Environment Variables
    This attack pattern involves causing a buffer overflow through manipulation of environment variables. Once the attacker finds that they can modify an environment variable, they may try to overflow associated buffers. This attack leverages implicit trust often placed in environment variables.
  • Overflow Buffers
    Buffer Overflow attacks target improper or missing bounds checking on buffer operations, typically triggered by input injected by an attacker. As a consequence, an attacker is able to write past the boundaries of allocated buffer regions in memory, causing a program crash or potentially redirection of execution as per the attackers' choice.
  • Client-side Injection-induced Buffer Overflow
    This type of attack exploits a buffer overflow vulnerability in targeted client software through injection of malicious content from a custom-built hostile service.
  • Filter Failure through Buffer Overflow
    In this attack, the idea is to cause an active filter to fail by causing an oversized transaction. An attacker may try to feed overly long input strings to the program in an attempt to overwhelm the filter (by causing a buffer overflow) and hoping that the filter does not fail securely (i.e. the user input is let into the system unfiltered).
  • MIME Conversion
    An attacker exploits a weakness in the MIME conversion routine to cause a buffer overflow and gain control over the mail server machine. The MIME system is designed to allow various different information formats to be interpreted and sent via e-mail. Attack points exist when data are converted to MIME compatible format and back.

Nessus

  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2016-1073.NASL
    descriptionAccording to the version of the glibc packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A stack overflow vulnerability was found in _nss_dns_getnetbyname_r.On systems with nsswitch configured to include
    last seen2020-05-06
    modified2017-05-01
    plugin id99833
    published2017-05-01
    reporterThis script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/99833
    titleEulerOS 2.0 SP1 : glibc (EulerOS-SA-2016-1073)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-2985-2.NASL
    descriptionUSN-2985-1 fixed vulnerabilities in the GNU C Library. The fix for CVE-2014-9761 introduced a regression which affected applications that use the libm library but were not fully restarted after the upgrade. This update removes the fix for CVE-2014-9761 and a future update will be provided to address this issue. We apologize for the inconvenience. Martin Carpenter discovered that pt_chown in the GNU C Library did not properly check permissions for tty files. A local attacker could use this to gain administrative privileges or expose sensitive information. (CVE-2013-2207, CVE-2016-2856) Robin Hack discovered that the Name Service Switch (NSS) implementation in the GNU C Library did not properly manage its file descriptors. An attacker could use this to cause a denial of service (infinite loop). (CVE-2014-8121) Joseph Myers discovered that the GNU C Library did not properly handle long arguments to functions returning a representation of Not a Number (NaN). An attacker could use this to cause a denial of service (stack exhaustion leading to an application crash) or possibly execute arbitrary code. (CVE-2014-9761) Arjun Shankar discovered that in certain situations the nss_dns code in the GNU C Library did not properly account buffer sizes when passed an unaligned buffer. An attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2015-1781) Sumit Bose and Lukas Slebodnik discovered that the Name Service Switch (NSS) implementation in the GNU C Library did not handle long lines in the files databases correctly. A local attacker could use this to cause a denial of service (application crash) or possibly execute arbitrary code. (CVE-2015-5277) Adam Nielsen discovered that the strftime function in the GNU C Library did not properly handle out-of-range argument data. An attacker could use this to cause a denial of service (application crash) or possibly expose sensitive information. (CVE-2015-8776) Hector Marco and Ismael Ripoll discovered that the GNU C Library allowed the pointer-guarding protection mechanism to be disabled by honoring the LD_POINTER_GUARD environment variable across privilege boundaries. A local attacker could use this to exploit an existing vulnerability more easily. (CVE-2015-8777) Szabolcs Nagy discovered that the hcreate functions in the GNU C Library did not properly check its size argument, leading to an integer overflow. An attacker could use to cause a denial of service (application crash) or possibly execute arbitrary code. (CVE-2015-8778) Maksymilian Arciemowicz discovered a stack-based buffer overflow in the catopen function in the GNU C Library when handling long catalog names. An attacker could use this to cause a denial of service (application crash) or possibly execute arbitrary code. (CVE-2015-8779) Florian Weimer discovered that the getnetbyname implementation in the GNU C Library did not properly handle long names passed as arguments. An attacker could use to cause a denial of service (stack exhaustion leading to an application crash). (CVE-2016-3075). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id91341
    published2016-05-27
    reporterUbuntu Security Notice (C) 2016-2019 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/91341
    titleUbuntu 12.04 LTS / 14.04 LTS / 15.10 : eglibc, glibc regression (USN-2985-2)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2016-B321728D74.NASL
    descriptionThis update contains minor security fixes (for CVE-2016-3075, CVE-2016-3706, and CVE-2016-1234) and collects fixes for bugs encountered by Fedora users. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2016-07-14
    plugin id92146
    published2016-07-14
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/92146
    titleFedora 24 : glibc (2016-b321728d74)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2016-1721-1.NASL
    descriptionThis update for glibc provides the following fixes : - Increase DTV_SURPLUS limit. (bsc#968787) - Do not copy d_name field of struct dirent. (CVE-2016-1234, bsc#969727) - Fix memory leak in _nss_dns_gethostbyname4_r. (bsc#973010) - Fix stack overflow in _nss_dns_getnetbyname_r. (CVE-2016-3075, bsc#973164) - Fix malloc performance regression from SLE 11. (bsc#975930) - Fix getaddrinfo stack overflow in hostent conversion. (CVE-2016-3706, bsc#980483) - Do not use alloca in clntudp_call (CVE-2016-4429, bsc#980854) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id93173
    published2016-08-29
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/93173
    titleSUSE SLED12 / SLES12 Security Update : glibc (SUSE-SU-2016:1721-1)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-2985-1.NASL
    descriptionMartin Carpenter discovered that pt_chown in the GNU C Library did not properly check permissions for tty files. A local attacker could use this to gain administrative privileges or expose sensitive information. (CVE-2013-2207, CVE-2016-2856) Robin Hack discovered that the Name Service Switch (NSS) implementation in the GNU C Library did not properly manage its file descriptors. An attacker could use this to cause a denial of service (infinite loop). (CVE-2014-8121) Joseph Myers discovered that the GNU C Library did not properly handle long arguments to functions returning a representation of Not a Number (NaN). An attacker could use this to cause a denial of service (stack exhaustion leading to an application crash) or possibly execute arbitrary code. (CVE-2014-9761) Arjun Shankar discovered that in certain situations the nss_dns code in the GNU C Library did not properly account buffer sizes when passed an unaligned buffer. An attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2015-1781) Sumit Bose and Lukas Slebodnik discovered that the Name Service Switch (NSS) implementation in the GNU C Library did not handle long lines in the files databases correctly. A local attacker could use this to cause a denial of service (application crash) or possibly execute arbitrary code. (CVE-2015-5277) Adam Nielsen discovered that the strftime function in the GNU C Library did not properly handle out-of-range argument data. An attacker could use this to cause a denial of service (application crash) or possibly expose sensitive information. (CVE-2015-8776) Hector Marco and Ismael Ripoll discovered that the GNU C Library allowed the pointer-guarding protection mechanism to be disabled by honoring the LD_POINTER_GUARD environment variable across privilege boundaries. A local attacker could use this to exploit an existing vulnerability more easily. (CVE-2015-8777) Szabolcs Nagy discovered that the hcreate functions in the GNU C Library did not properly check its size argument, leading to an integer overflow. An attacker could use to cause a denial of service (application crash) or possibly execute arbitrary code. (CVE-2015-8778) Maksymilian Arciemowicz discovered a stack-based buffer overflow in the catopen function in the GNU C Library when handling long catalog names. An attacker could use this to cause a denial of service (application crash) or possibly execute arbitrary code. (CVE-2015-8779) Florian Weimer discovered that the getnetbyname implementation in the GNU C Library did not properly handle long names passed as arguments. An attacker could use to cause a denial of service (stack exhaustion leading to an application crash). (CVE-2016-3075). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id91334
    published2016-05-26
    reporterUbuntu Security Notice (C) 2016-2019 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/91334
    titleUbuntu 12.04 LTS / 14.04 LTS / 15.10 : eglibc, glibc vulnerabilities (USN-2985-1)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2016-68ABC0BE35.NASL
    descriptionThis update contains minor security fixes (for CVE-2016-3075, CVE-2016-1234, CVE-2015-8778, CVE-2015-8776, CVE-2014-9761, CVE-2015-8779) and collects fixes for bugs encountered by Fedora users. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2016-05-12
    plugin id91063
    published2016-05-12
    reporterThis script is Copyright (C) 2016-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/91063
    titleFedora 23 : glibc-2.22-15.fc23 (2016-68abc0be35)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DLA-494.NASL
    descriptionSeveral vulnerabilities have been fixed in the Debian GNU C Library, eglibc : CVE-2016-1234 Alexander Cherepanov discovered that the glibc
    last seen2020-03-17
    modified2016-05-31
    plugin id91361
    published2016-05-31
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/91361
    titleDebian DLA-494-1 : eglibc security update
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2016-2573.NASL
    descriptionFrom Red Hat Security Advisory 2016:2573 : An update for glibc is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link (s) in the References section. The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fix(es) : * A stack overflow vulnerability was found in _nss_dns_getnetbyname_r. On systems with nsswitch configured to include
    last seen2020-06-01
    modified2020-06-02
    plugin id94696
    published2016-11-11
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/94696
    titleOracle Linux 7 : glibc (ELSA-2016-2573)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2016-2156-1.NASL
    descriptionThis update for glibc fixes the following issues : - Drop old fix that could break services that start before IPv6 is up. (bsc#931399) - Do not copy d_name field of struct dirent. (CVE-2016-1234, bsc#969727) - Fix memory leak in _nss_dns_gethostbyname4_r. (bsc#973010) - Relocate DSOs in dependency order, fixing a potential crash during symbol relocation phase. (bsc#986302) - Fix nscd assertion failure in gc. (bsc#965699) - Fix stack overflow in _nss_dns_getnetbyname_r. (CVE-2016-3075, bsc#973164) - Fix getaddrinfo stack overflow in hostent conversion. (CVE-2016-3706, bsc#980483) - Do not use alloca in clntudp_call. (CVE-2016-4429, bsc#980854) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id93309
    published2016-09-02
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/93309
    titleSUSE SLES11 Security Update : glibc (SUSE-SU-2016:2156-1)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2016-1733-1.NASL
    descriptionThis update for glibc provides the following fixes : - Increase DTV_SURPLUS limit. (bsc#968787) - Do not copy d_name field of struct dirent. (CVE-2016-1234, bsc#969727) - Fix memory leak in _nss_dns_gethostbyname4_r. (bsc#973010) - Fix stack overflow in _nss_dns_getnetbyname_r. (CVE-2016-3075, bsc#973164) - Fix malloc performance regression from SLE 11. (bsc#975930) - Fix getaddrinfo stack overflow in hostent conversion. (CVE-2016-3706, bsc#980483) - Do not use alloca in clntudp_call. (CVE-2016-4429, bsc#980854) - Remove mtrace.1, now included in the man-pages package. (bsc#967190) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id93175
    published2016-08-29
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/93175
    titleSUSE SLED12 / SLES12 Security Update : glibc (SUSE-SU-2016:1733-1)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2016-2573.NASL
    descriptionAn update for glibc is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link (s) in the References section. The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fix(es) : * A stack overflow vulnerability was found in _nss_dns_getnetbyname_r. On systems with nsswitch configured to include
    last seen2020-06-01
    modified2020-06-02
    plugin id95320
    published2016-11-28
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/95320
    titleCentOS 7 : glibc (CESA-2016:2573)
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201702-11.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201702-11 (GNU C Library: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in the GNU C Library. Please review the CVE identifiers referenced below for details. Impact : A context-dependent attacker could possibly execute arbitrary code with the privileges of the process, disclose sensitive information, or cause a Denial of Service condition via multiple vectors. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id97254
    published2017-02-21
    reporterThis script is Copyright (C) 2017 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/97254
    titleGLSA-201702-11 : GNU C Library: Multiple vulnerabilities
  • NASL familyAmazon Linux Local Security Checks
    NASL idALA_ALAS-2017-792.NASL
    descriptionA stack overflow vulnerability was found in _nss_dns_getnetbyname_r. On systems with nsswitch configured to include
    last seen2020-06-01
    modified2020-06-02
    plugin id97022
    published2017-02-07
    reporterThis script is Copyright (C) 2017-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/97022
    titleAmazon Linux AMI : glibc (ALAS-2017-792)
  • NASL familyPhotonOS Local Security Checks
    NASL idPHOTONOS_PHSA-2017-0013.NASL
    descriptionAn update of [cracklib,libevent,libgcrypt,httpd,glibc] packages for PhotonOS has been released.
    last seen2019-02-21
    modified2019-02-07
    plugin id111862
    published2018-08-17
    reporterTenable
    sourcehttps://www.tenable.com/plugins/index.php?view=single&id=111862
    titlePhoton OS 1.0: Cracklib / Glibc / Httpd / Libevent / Libgcrypt PHSA-2017-0013 (deprecated)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-1552.NASL
    descriptionAccording to the versions of the glibc packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - It was discovered that the nss_files backend for the Name Service Switch in glibc would return incorrect data to applications or corrupt the heap (depending on adjacent heap contents). A local attacker could potentially use this flaw to execute arbitrary code on the system.(CVE-2015-5277) - A directory traveral flaw was found in the way glibc loaded locale files. An attacker able to make an application use a specially crafted locale name value (for example, specified in an LC_* environment variable) could possibly use this flaw to execute arbitrary code with the privileges of that application.(CVE-2014-0475) - It was found that out-of-range time values passed to the strftime() function could result in an out-of-bounds memory access. This could lead to application crash or, potentially, information disclosure.(CVE-2015-8776) - The GNU C Library (aka glibc or libc6) before 2.27 contains an off-by-one error leading to a heap-based buffer overflow in the glob function in glob.c, related to the processing of home directories using the ~ operator followed by a long string.(CVE-2017-15670) - The PTR_MANGLE implementation in the GNU C Library (aka glibc or libc6) 2.4, 2.17, and earlier, and Embedded GLIBC (EGLIBC) does not initialize the random value for the pointer guard, which makes it easier for context-dependent attackers to control execution flow by leveraging a buffer-overflow vulnerability in an application and using the known zero value pointer guard to calculate a pointer address.(CVE-2013-4788) - An out-of-bounds read flaw was found in the way glibc
    last seen2020-06-01
    modified2020-06-02
    plugin id125005
    published2019-05-14
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/125005
    titleEulerOS Virtualization 3.0.1.0 : glibc (EulerOS-SA-2019-1552)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2016-2573.NASL
    descriptionAn update for glibc is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link (s) in the References section. The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fix(es) : * A stack overflow vulnerability was found in _nss_dns_getnetbyname_r. On systems with nsswitch configured to include
    last seen2020-06-01
    modified2020-06-02
    plugin id94536
    published2016-11-04
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/94536
    titleRHEL 7 : glibc (RHSA-2016:2573)
  • NASL familyPhotonOS Local Security Checks
    NASL idPHOTONOS_PHSA-2017-0013_GLIBC.NASL
    descriptionAn update of the glibc package has been released.
    last seen2020-03-17
    modified2019-02-07
    plugin id121682
    published2019-02-07
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/121682
    titlePhoton OS 1.0: Glibc PHSA-2017-0013
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2016-852.NASL
    descriptionThis update for glibc provides the following fixes : - Increase DTV_SURPLUS limit. (bsc#968787) - Do not copy d_name field of struct dirent. (CVE-2016-1234, bsc#969727) - Fix memory leak in _nss_dns_gethostbyname4_r. (bsc#973010) - Fix stack overflow in _nss_dns_getnetbyname_r. (CVE-2016-3075, bsc#973164) - Fix malloc performance regression from SLE 11. (bsc#975930) - Fix getaddrinfo stack overflow in hostent conversion. (CVE-2016-3706, bsc#980483) - Do not use alloca in clntudp_call. (CVE-2016-4429, bsc#980854) - Remove mtrace.1, now included in the man-pages package. (bsc#967190) This update was imported from the SUSE:SLE-12-SP1:Update update project.
    last seen2020-06-05
    modified2016-07-11
    plugin id91987
    published2016-07-11
    reporterThis script is Copyright (C) 2016-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/91987
    titleopenSUSE Security Update : glibc (openSUSE-2016-852)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2018-1344.NASL
    descriptionAccording to the versions of the glibc packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The nss_dns implementation of getnetbyname in GNU C Library (aka glibc) before 2.21, when the DNS backend in the Name Service Switch configuration is enabled, allows remote attackers to cause a denial of service (infinite loop) by sending a positive answer while a network name is being process.(CVE-2014-9402) - A stack overflow vulnerability was found in _nss_dns_getnetbyname_r.On systems with nsswitch configured to include
    last seen2020-06-01
    modified2020-06-02
    plugin id118432
    published2018-10-26
    reporterThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/118432
    titleEulerOS Virtualization 2.5.0 : glibc (EulerOS-SA-2018-1344)
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20161103_GLIBC_ON_SL7_X.NASL
    descriptionSecurity Fix(es) : - A stack overflow vulnerability was found in _nss_dns_getnetbyname_r. On systems with nsswitch configured to include
    last seen2020-03-18
    modified2016-12-15
    plugin id95840
    published2016-12-15
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/95840
    titleScientific Linux Security Update : glibc on SL7.x x86_64 (20161103)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2016-699.NASL
    descriptionThis update for glibc fixes the following issues : - glob-altdirfunc.patch: Do not copy d_name field of struct dirent (CVE-2016-1234, boo#969727, BZ #19779) - nss-dns-memleak-2.patch: fix memory leak in _nss_dns_gethostbyname4_r (boo#973010) - nss-dns-getnetbyname.patch: fix stack overflow in _nss_dns_getnetbyname_r (CVE-2016-3075, boo#973164, BZ #19879) - getaddrinfo-hostent-conv-stack-overflow.patch: getaddrinfo stack overflow in hostent conversion (CVE-2016-3706, boo#980483, BZ #20010) - clntudp-call-alloca.patch: do not use alloca in clntudp_call (CVE-2016-4429, boo#980854, BZ #20112)
    last seen2020-06-05
    modified2016-06-09
    plugin id91534
    published2016-06-09
    reporterThis script is Copyright (C) 2016-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/91534
    titleopenSUSE Security Update : glibc (openSUSE-2016-699)

Redhat

advisories
bugzilla
id1346397
titleglibc: debug/tst-longjump_chk2 calls printf from a signal handler
oval
OR
  • commentRed Hat Enterprise Linux must be installed
    ovaloval:com.redhat.rhba:tst:20070304026
  • AND
    • commentRed Hat Enterprise Linux 7 is installed
      ovaloval:com.redhat.rhba:tst:20150364027
    • OR
      • AND
        • commentnscd is earlier than 0:2.17-157.el7
          ovaloval:com.redhat.rhsa:tst:20162573001
        • commentnscd is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhba:tst:20120763014
      • AND
        • commentglibc-devel is earlier than 0:2.17-157.el7
          ovaloval:com.redhat.rhsa:tst:20162573003
        • commentglibc-devel is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhba:tst:20120763006
      • AND
        • commentglibc is earlier than 0:2.17-157.el7
          ovaloval:com.redhat.rhsa:tst:20162573005
        • commentglibc is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhba:tst:20120763004
      • AND
        • commentglibc-common is earlier than 0:2.17-157.el7
          ovaloval:com.redhat.rhsa:tst:20162573007
        • commentglibc-common is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhba:tst:20120763008
      • AND
        • commentglibc-headers is earlier than 0:2.17-157.el7
          ovaloval:com.redhat.rhsa:tst:20162573009
        • commentglibc-headers is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhba:tst:20120763010
      • AND
        • commentglibc-utils is earlier than 0:2.17-157.el7
          ovaloval:com.redhat.rhsa:tst:20162573011
        • commentglibc-utils is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhba:tst:20120763012
      • AND
        • commentglibc-static is earlier than 0:2.17-157.el7
          ovaloval:com.redhat.rhsa:tst:20162573013
        • commentglibc-static is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhba:tst:20120763002
rhsa
idRHSA-2016:2573
released2016-11-03
severityLow
titleRHSA-2016:2573: glibc security, bug fix, and enhancement update (Low)
rpms
  • glibc-0:2.17-157.el7
  • glibc-common-0:2.17-157.el7
  • glibc-debuginfo-0:2.17-157.el7
  • glibc-debuginfo-common-0:2.17-157.el7
  • glibc-devel-0:2.17-157.el7
  • glibc-headers-0:2.17-157.el7
  • glibc-static-0:2.17-157.el7
  • glibc-utils-0:2.17-157.el7
  • nscd-0:2.17-157.el7