Vulnerabilities > CVE-2016-3075 - Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
Stack-based buffer overflow in the nss_dns implementation of the getnetbyname function in GNU C Library (aka glibc) before 2.24 allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via a long name.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Common Attack Pattern Enumeration and Classification (CAPEC)
- Buffer Overflow via Environment Variables This attack pattern involves causing a buffer overflow through manipulation of environment variables. Once the attacker finds that they can modify an environment variable, they may try to overflow associated buffers. This attack leverages implicit trust often placed in environment variables.
- Overflow Buffers Buffer Overflow attacks target improper or missing bounds checking on buffer operations, typically triggered by input injected by an attacker. As a consequence, an attacker is able to write past the boundaries of allocated buffer regions in memory, causing a program crash or potentially redirection of execution as per the attackers' choice.
- Client-side Injection-induced Buffer Overflow This type of attack exploits a buffer overflow vulnerability in targeted client software through injection of malicious content from a custom-built hostile service.
- Filter Failure through Buffer Overflow In this attack, the idea is to cause an active filter to fail by causing an oversized transaction. An attacker may try to feed overly long input strings to the program in an attempt to overwhelm the filter (by causing a buffer overflow) and hoping that the filter does not fail securely (i.e. the user input is let into the system unfiltered).
- MIME Conversion An attacker exploits a weakness in the MIME conversion routine to cause a buffer overflow and gain control over the mail server machine. The MIME system is designed to allow various different information formats to be interpreted and sent via e-mail. Attack points exist when data are converted to MIME compatible format and back.
Nessus
NASL family Huawei Local Security Checks NASL id EULEROS_SA-2016-1073.NASL description According to the version of the glibc packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A stack overflow vulnerability was found in _nss_dns_getnetbyname_r.On systems with nsswitch configured to include last seen 2020-05-06 modified 2017-05-01 plugin id 99833 published 2017-05-01 reporter This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/99833 title EulerOS 2.0 SP1 : glibc (EulerOS-SA-2016-1073) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-2985-2.NASL description USN-2985-1 fixed vulnerabilities in the GNU C Library. The fix for CVE-2014-9761 introduced a regression which affected applications that use the libm library but were not fully restarted after the upgrade. This update removes the fix for CVE-2014-9761 and a future update will be provided to address this issue. We apologize for the inconvenience. Martin Carpenter discovered that pt_chown in the GNU C Library did not properly check permissions for tty files. A local attacker could use this to gain administrative privileges or expose sensitive information. (CVE-2013-2207, CVE-2016-2856) Robin Hack discovered that the Name Service Switch (NSS) implementation in the GNU C Library did not properly manage its file descriptors. An attacker could use this to cause a denial of service (infinite loop). (CVE-2014-8121) Joseph Myers discovered that the GNU C Library did not properly handle long arguments to functions returning a representation of Not a Number (NaN). An attacker could use this to cause a denial of service (stack exhaustion leading to an application crash) or possibly execute arbitrary code. (CVE-2014-9761) Arjun Shankar discovered that in certain situations the nss_dns code in the GNU C Library did not properly account buffer sizes when passed an unaligned buffer. An attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2015-1781) Sumit Bose and Lukas Slebodnik discovered that the Name Service Switch (NSS) implementation in the GNU C Library did not handle long lines in the files databases correctly. A local attacker could use this to cause a denial of service (application crash) or possibly execute arbitrary code. (CVE-2015-5277) Adam Nielsen discovered that the strftime function in the GNU C Library did not properly handle out-of-range argument data. An attacker could use this to cause a denial of service (application crash) or possibly expose sensitive information. (CVE-2015-8776) Hector Marco and Ismael Ripoll discovered that the GNU C Library allowed the pointer-guarding protection mechanism to be disabled by honoring the LD_POINTER_GUARD environment variable across privilege boundaries. A local attacker could use this to exploit an existing vulnerability more easily. (CVE-2015-8777) Szabolcs Nagy discovered that the hcreate functions in the GNU C Library did not properly check its size argument, leading to an integer overflow. An attacker could use to cause a denial of service (application crash) or possibly execute arbitrary code. (CVE-2015-8778) Maksymilian Arciemowicz discovered a stack-based buffer overflow in the catopen function in the GNU C Library when handling long catalog names. An attacker could use this to cause a denial of service (application crash) or possibly execute arbitrary code. (CVE-2015-8779) Florian Weimer discovered that the getnetbyname implementation in the GNU C Library did not properly handle long names passed as arguments. An attacker could use to cause a denial of service (stack exhaustion leading to an application crash). (CVE-2016-3075). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 91341 published 2016-05-27 reporter Ubuntu Security Notice (C) 2016-2019 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/91341 title Ubuntu 12.04 LTS / 14.04 LTS / 15.10 : eglibc, glibc regression (USN-2985-2) NASL family Fedora Local Security Checks NASL id FEDORA_2016-B321728D74.NASL description This update contains minor security fixes (for CVE-2016-3075, CVE-2016-3706, and CVE-2016-1234) and collects fixes for bugs encountered by Fedora users. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-05 modified 2016-07-14 plugin id 92146 published 2016-07-14 reporter This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/92146 title Fedora 24 : glibc (2016-b321728d74) NASL family SuSE Local Security Checks NASL id SUSE_SU-2016-1721-1.NASL description This update for glibc provides the following fixes : - Increase DTV_SURPLUS limit. (bsc#968787) - Do not copy d_name field of struct dirent. (CVE-2016-1234, bsc#969727) - Fix memory leak in _nss_dns_gethostbyname4_r. (bsc#973010) - Fix stack overflow in _nss_dns_getnetbyname_r. (CVE-2016-3075, bsc#973164) - Fix malloc performance regression from SLE 11. (bsc#975930) - Fix getaddrinfo stack overflow in hostent conversion. (CVE-2016-3706, bsc#980483) - Do not use alloca in clntudp_call (CVE-2016-4429, bsc#980854) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 93173 published 2016-08-29 reporter This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/93173 title SUSE SLED12 / SLES12 Security Update : glibc (SUSE-SU-2016:1721-1) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-2985-1.NASL description Martin Carpenter discovered that pt_chown in the GNU C Library did not properly check permissions for tty files. A local attacker could use this to gain administrative privileges or expose sensitive information. (CVE-2013-2207, CVE-2016-2856) Robin Hack discovered that the Name Service Switch (NSS) implementation in the GNU C Library did not properly manage its file descriptors. An attacker could use this to cause a denial of service (infinite loop). (CVE-2014-8121) Joseph Myers discovered that the GNU C Library did not properly handle long arguments to functions returning a representation of Not a Number (NaN). An attacker could use this to cause a denial of service (stack exhaustion leading to an application crash) or possibly execute arbitrary code. (CVE-2014-9761) Arjun Shankar discovered that in certain situations the nss_dns code in the GNU C Library did not properly account buffer sizes when passed an unaligned buffer. An attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2015-1781) Sumit Bose and Lukas Slebodnik discovered that the Name Service Switch (NSS) implementation in the GNU C Library did not handle long lines in the files databases correctly. A local attacker could use this to cause a denial of service (application crash) or possibly execute arbitrary code. (CVE-2015-5277) Adam Nielsen discovered that the strftime function in the GNU C Library did not properly handle out-of-range argument data. An attacker could use this to cause a denial of service (application crash) or possibly expose sensitive information. (CVE-2015-8776) Hector Marco and Ismael Ripoll discovered that the GNU C Library allowed the pointer-guarding protection mechanism to be disabled by honoring the LD_POINTER_GUARD environment variable across privilege boundaries. A local attacker could use this to exploit an existing vulnerability more easily. (CVE-2015-8777) Szabolcs Nagy discovered that the hcreate functions in the GNU C Library did not properly check its size argument, leading to an integer overflow. An attacker could use to cause a denial of service (application crash) or possibly execute arbitrary code. (CVE-2015-8778) Maksymilian Arciemowicz discovered a stack-based buffer overflow in the catopen function in the GNU C Library when handling long catalog names. An attacker could use this to cause a denial of service (application crash) or possibly execute arbitrary code. (CVE-2015-8779) Florian Weimer discovered that the getnetbyname implementation in the GNU C Library did not properly handle long names passed as arguments. An attacker could use to cause a denial of service (stack exhaustion leading to an application crash). (CVE-2016-3075). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 91334 published 2016-05-26 reporter Ubuntu Security Notice (C) 2016-2019 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/91334 title Ubuntu 12.04 LTS / 14.04 LTS / 15.10 : eglibc, glibc vulnerabilities (USN-2985-1) NASL family Fedora Local Security Checks NASL id FEDORA_2016-68ABC0BE35.NASL description This update contains minor security fixes (for CVE-2016-3075, CVE-2016-1234, CVE-2015-8778, CVE-2015-8776, CVE-2014-9761, CVE-2015-8779) and collects fixes for bugs encountered by Fedora users. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-05 modified 2016-05-12 plugin id 91063 published 2016-05-12 reporter This script is Copyright (C) 2016-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/91063 title Fedora 23 : glibc-2.22-15.fc23 (2016-68abc0be35) NASL family Debian Local Security Checks NASL id DEBIAN_DLA-494.NASL description Several vulnerabilities have been fixed in the Debian GNU C Library, eglibc : CVE-2016-1234 Alexander Cherepanov discovered that the glibc last seen 2020-03-17 modified 2016-05-31 plugin id 91361 published 2016-05-31 reporter This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/91361 title Debian DLA-494-1 : eglibc security update NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2016-2573.NASL description From Red Hat Security Advisory 2016:2573 : An update for glibc is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link (s) in the References section. The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fix(es) : * A stack overflow vulnerability was found in _nss_dns_getnetbyname_r. On systems with nsswitch configured to include last seen 2020-06-01 modified 2020-06-02 plugin id 94696 published 2016-11-11 reporter This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/94696 title Oracle Linux 7 : glibc (ELSA-2016-2573) NASL family SuSE Local Security Checks NASL id SUSE_SU-2016-2156-1.NASL description This update for glibc fixes the following issues : - Drop old fix that could break services that start before IPv6 is up. (bsc#931399) - Do not copy d_name field of struct dirent. (CVE-2016-1234, bsc#969727) - Fix memory leak in _nss_dns_gethostbyname4_r. (bsc#973010) - Relocate DSOs in dependency order, fixing a potential crash during symbol relocation phase. (bsc#986302) - Fix nscd assertion failure in gc. (bsc#965699) - Fix stack overflow in _nss_dns_getnetbyname_r. (CVE-2016-3075, bsc#973164) - Fix getaddrinfo stack overflow in hostent conversion. (CVE-2016-3706, bsc#980483) - Do not use alloca in clntudp_call. (CVE-2016-4429, bsc#980854) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 93309 published 2016-09-02 reporter This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/93309 title SUSE SLES11 Security Update : glibc (SUSE-SU-2016:2156-1) NASL family SuSE Local Security Checks NASL id SUSE_SU-2016-1733-1.NASL description This update for glibc provides the following fixes : - Increase DTV_SURPLUS limit. (bsc#968787) - Do not copy d_name field of struct dirent. (CVE-2016-1234, bsc#969727) - Fix memory leak in _nss_dns_gethostbyname4_r. (bsc#973010) - Fix stack overflow in _nss_dns_getnetbyname_r. (CVE-2016-3075, bsc#973164) - Fix malloc performance regression from SLE 11. (bsc#975930) - Fix getaddrinfo stack overflow in hostent conversion. (CVE-2016-3706, bsc#980483) - Do not use alloca in clntudp_call. (CVE-2016-4429, bsc#980854) - Remove mtrace.1, now included in the man-pages package. (bsc#967190) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 93175 published 2016-08-29 reporter This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/93175 title SUSE SLED12 / SLES12 Security Update : glibc (SUSE-SU-2016:1733-1) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2016-2573.NASL description An update for glibc is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link (s) in the References section. The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fix(es) : * A stack overflow vulnerability was found in _nss_dns_getnetbyname_r. On systems with nsswitch configured to include last seen 2020-06-01 modified 2020-06-02 plugin id 95320 published 2016-11-28 reporter This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/95320 title CentOS 7 : glibc (CESA-2016:2573) NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201702-11.NASL description The remote host is affected by the vulnerability described in GLSA-201702-11 (GNU C Library: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in the GNU C Library. Please review the CVE identifiers referenced below for details. Impact : A context-dependent attacker could possibly execute arbitrary code with the privileges of the process, disclose sensitive information, or cause a Denial of Service condition via multiple vectors. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 97254 published 2017-02-21 reporter This script is Copyright (C) 2017 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/97254 title GLSA-201702-11 : GNU C Library: Multiple vulnerabilities NASL family Amazon Linux Local Security Checks NASL id ALA_ALAS-2017-792.NASL description A stack overflow vulnerability was found in _nss_dns_getnetbyname_r. On systems with nsswitch configured to include last seen 2020-06-01 modified 2020-06-02 plugin id 97022 published 2017-02-07 reporter This script is Copyright (C) 2017-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/97022 title Amazon Linux AMI : glibc (ALAS-2017-792) NASL family PhotonOS Local Security Checks NASL id PHOTONOS_PHSA-2017-0013.NASL description An update of [cracklib,libevent,libgcrypt,httpd,glibc] packages for PhotonOS has been released. last seen 2019-02-21 modified 2019-02-07 plugin id 111862 published 2018-08-17 reporter Tenable source https://www.tenable.com/plugins/index.php?view=single&id=111862 title Photon OS 1.0: Cracklib / Glibc / Httpd / Libevent / Libgcrypt PHSA-2017-0013 (deprecated) NASL family Huawei Local Security Checks NASL id EULEROS_SA-2019-1552.NASL description According to the versions of the glibc packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - It was discovered that the nss_files backend for the Name Service Switch in glibc would return incorrect data to applications or corrupt the heap (depending on adjacent heap contents). A local attacker could potentially use this flaw to execute arbitrary code on the system.(CVE-2015-5277) - A directory traveral flaw was found in the way glibc loaded locale files. An attacker able to make an application use a specially crafted locale name value (for example, specified in an LC_* environment variable) could possibly use this flaw to execute arbitrary code with the privileges of that application.(CVE-2014-0475) - It was found that out-of-range time values passed to the strftime() function could result in an out-of-bounds memory access. This could lead to application crash or, potentially, information disclosure.(CVE-2015-8776) - The GNU C Library (aka glibc or libc6) before 2.27 contains an off-by-one error leading to a heap-based buffer overflow in the glob function in glob.c, related to the processing of home directories using the ~ operator followed by a long string.(CVE-2017-15670) - The PTR_MANGLE implementation in the GNU C Library (aka glibc or libc6) 2.4, 2.17, and earlier, and Embedded GLIBC (EGLIBC) does not initialize the random value for the pointer guard, which makes it easier for context-dependent attackers to control execution flow by leveraging a buffer-overflow vulnerability in an application and using the known zero value pointer guard to calculate a pointer address.(CVE-2013-4788) - An out-of-bounds read flaw was found in the way glibc last seen 2020-06-01 modified 2020-06-02 plugin id 125005 published 2019-05-14 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/125005 title EulerOS Virtualization 3.0.1.0 : glibc (EulerOS-SA-2019-1552) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2016-2573.NASL description An update for glibc is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link (s) in the References section. The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fix(es) : * A stack overflow vulnerability was found in _nss_dns_getnetbyname_r. On systems with nsswitch configured to include last seen 2020-06-01 modified 2020-06-02 plugin id 94536 published 2016-11-04 reporter This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/94536 title RHEL 7 : glibc (RHSA-2016:2573) NASL family PhotonOS Local Security Checks NASL id PHOTONOS_PHSA-2017-0013_GLIBC.NASL description An update of the glibc package has been released. last seen 2020-03-17 modified 2019-02-07 plugin id 121682 published 2019-02-07 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/121682 title Photon OS 1.0: Glibc PHSA-2017-0013 NASL family SuSE Local Security Checks NASL id OPENSUSE-2016-852.NASL description This update for glibc provides the following fixes : - Increase DTV_SURPLUS limit. (bsc#968787) - Do not copy d_name field of struct dirent. (CVE-2016-1234, bsc#969727) - Fix memory leak in _nss_dns_gethostbyname4_r. (bsc#973010) - Fix stack overflow in _nss_dns_getnetbyname_r. (CVE-2016-3075, bsc#973164) - Fix malloc performance regression from SLE 11. (bsc#975930) - Fix getaddrinfo stack overflow in hostent conversion. (CVE-2016-3706, bsc#980483) - Do not use alloca in clntudp_call. (CVE-2016-4429, bsc#980854) - Remove mtrace.1, now included in the man-pages package. (bsc#967190) This update was imported from the SUSE:SLE-12-SP1:Update update project. last seen 2020-06-05 modified 2016-07-11 plugin id 91987 published 2016-07-11 reporter This script is Copyright (C) 2016-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/91987 title openSUSE Security Update : glibc (openSUSE-2016-852) NASL family Huawei Local Security Checks NASL id EULEROS_SA-2018-1344.NASL description According to the versions of the glibc packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The nss_dns implementation of getnetbyname in GNU C Library (aka glibc) before 2.21, when the DNS backend in the Name Service Switch configuration is enabled, allows remote attackers to cause a denial of service (infinite loop) by sending a positive answer while a network name is being process.(CVE-2014-9402) - A stack overflow vulnerability was found in _nss_dns_getnetbyname_r.On systems with nsswitch configured to include last seen 2020-06-01 modified 2020-06-02 plugin id 118432 published 2018-10-26 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/118432 title EulerOS Virtualization 2.5.0 : glibc (EulerOS-SA-2018-1344) NASL family Scientific Linux Local Security Checks NASL id SL_20161103_GLIBC_ON_SL7_X.NASL description Security Fix(es) : - A stack overflow vulnerability was found in _nss_dns_getnetbyname_r. On systems with nsswitch configured to include last seen 2020-03-18 modified 2016-12-15 plugin id 95840 published 2016-12-15 reporter This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/95840 title Scientific Linux Security Update : glibc on SL7.x x86_64 (20161103) NASL family SuSE Local Security Checks NASL id OPENSUSE-2016-699.NASL description This update for glibc fixes the following issues : - glob-altdirfunc.patch: Do not copy d_name field of struct dirent (CVE-2016-1234, boo#969727, BZ #19779) - nss-dns-memleak-2.patch: fix memory leak in _nss_dns_gethostbyname4_r (boo#973010) - nss-dns-getnetbyname.patch: fix stack overflow in _nss_dns_getnetbyname_r (CVE-2016-3075, boo#973164, BZ #19879) - getaddrinfo-hostent-conv-stack-overflow.patch: getaddrinfo stack overflow in hostent conversion (CVE-2016-3706, boo#980483, BZ #20010) - clntudp-call-alloca.patch: do not use alloca in clntudp_call (CVE-2016-4429, boo#980854, BZ #20112) last seen 2020-06-05 modified 2016-06-09 plugin id 91534 published 2016-06-09 reporter This script is Copyright (C) 2016-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/91534 title openSUSE Security Update : glibc (openSUSE-2016-699)
Redhat
| advisories |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| rpms |
|
References
- http://www.ubuntu.com/usn/USN-2985-1
- https://sourceware.org/bugzilla/show_bug.cgi?id=19879
- http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184626.html
- http://lists.opensuse.org/opensuse-updates/2016-06/msg00030.html
- http://www.securityfocus.com/bid/85732
- http://lists.opensuse.org/opensuse-updates/2016-07/msg00039.html
- https://security.gentoo.org/glsa/201702-11
- http://rhn.redhat.com/errata/RHSA-2016-2573.html
- https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=317b199b4aff8cfa27f2302ab404d2bb5032b9a4