Vulnerabilities > CVE-2016-6323 - Improper Access Control vulnerability in multiple products

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
network
low complexity
gnu
opensuse
fedoraproject
CWE-284
nessus

Summary

The makecontext function in the GNU C Library (aka glibc or libc6) before 2.25 creates execution contexts incompatible with the unwinder on ARM EABI (32-bit) platforms, which might allow context-dependent attackers to cause a denial of service (hang), as demonstrated by applications compiled using gccgo, related to backtrace generation.

Vulnerable Configurations

Part Description Count
Application
Gnu
117
OS
Opensuse
1
OS
Fedoraproject
3

Common Weakness Enumeration (CWE)

Common Attack Pattern Enumeration and Classification (CAPEC)

  • Embedding Scripts within Scripts
    An attack of this type exploits a programs' vulnerabilities that are brought on by allowing remote hosts to execute scripts. The attacker leverages this capability to execute scripts to execute his/her own script by embedding it within other scripts that the target software is likely to execute. The attacker must have the ability to inject script into script that is likely to be executed. If this is done, then the attacker can potentially launch a variety of probes and attacks against the web server's local environment, in many cases the so-called DMZ, back end resources the web server can communicate with, and other hosts. With the proliferation of intermediaries, such as Web App Firewalls, network devices, and even printers having JVMs and Web servers, there are many locales where an attacker can inject malicious scripts. Since this attack pattern defines scripts within scripts, there are likely privileges to execute said attack on the host. Of course, these attacks are not solely limited to the server side, client side scripts like Ajax and client side JavaScript can contain malicious scripts as well. In general all that is required is for there to be sufficient privileges to execute a script, but not protected against writing.
  • Signature Spoofing by Key Theft
    An attacker obtains an authoritative or reputable signer's private signature key by theft and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.

Nessus

  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2016-7BEFBE5E19.NASL
    descriptionSecurity fix for CVE-2016-6323. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2016-11-15
    plugin id94822
    published2016-11-15
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/94822
    titleFedora 25 : glibc-arm-linux-gnu (2016-7befbe5e19)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Fedora Security Advisory FEDORA-2016-7befbe5e19.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(94822);
      script_version("2.3");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04");
    
      script_cve_id("CVE-2016-6323");
      script_xref(name:"FEDORA", value:"2016-7befbe5e19");
    
      script_name(english:"Fedora 25 : glibc-arm-linux-gnu (2016-7befbe5e19)");
      script_summary(english:"Checks rpm output for the updated package.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Fedora host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Security fix for CVE-2016-6323.
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Fedora update system website.
    Tenable has attempted to automatically clean and format it as much as
    possible without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bodhi.fedoraproject.org/updates/FEDORA-2016-7befbe5e19"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected glibc-arm-linux-gnu package."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:glibc-arm-linux-gnu");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:25");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2016/10/07");
      script_set_attribute(attribute:"patch_publication_date", value:"2016/10/14");
      script_set_attribute(attribute:"plugin_publication_date", value:"2016/11/15");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Fedora Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
    os_ver = pregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
    os_ver = os_ver[1];
    if (! preg(pattern:"^25([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 25", "Fedora " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"FC25", reference:"glibc-arm-linux-gnu-2.24-2.fc25")) flag++;
    
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_WARNING,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "glibc-arm-linux-gnu");
    }
    
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-3239-1.NASL
    descriptionIt was discovered that the GNU C Library incorrectly handled the strxfrm() function. An attacker could use this issue to cause a denial of service or possibly execute arbitrary code. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2015-8982) It was discovered that an integer overflow existed in the _IO_wstr_overflow() function of the GNU C Library. An attacker could use this to cause a denial of service or possibly execute arbitrary code. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2015-8983) It was discovered that the fnmatch() function in the GNU C Library did not properly handle certain malformed patterns. An attacker could use this to cause a denial of service. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2015-8984) Alexander Cherepanov discovered a stack-based buffer overflow in the glob implementation of the GNU C Library. An attacker could use this to specially craft a directory layout and cause a denial of service. (CVE-2016-1234) Florian Weimer discovered a NULL pointer dereference in the DNS resolver of the GNU C Library. An attacker could use this to cause a denial of service. (CVE-2015-5180) Michael Petlan discovered an unbounded stack allocation in the getaddrinfo() function of the GNU C Library. An attacker could use this to cause a denial of service. (CVE-2016-3706) Aldy Hernandez discovered an unbounded stack allocation in the sunrpc implementation in the GNU C Library. An attacker could use this to cause a denial of service. (CVE-2016-4429) Tim Ruehsen discovered that the getaddrinfo() implementation in the GNU C Library did not properly track memory allocations. An attacker could use this to cause a denial of service. This issue only affected Ubuntu 16.04 LTS. (CVE-2016-5417) Andreas Schwab discovered that the GNU C Library on ARM 32-bit platforms did not properly set up execution contexts. An attacker could use this to cause a denial of service. (CVE-2016-6323). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id97856
    published2017-03-21
    reporterUbuntu Security Notice (C) 2017-2019 Canonical, Inc. / NASL script (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/97856
    titleUbuntu 12.04 LTS / 14.04 LTS / 16.04 LTS : eglibc, glibc vulnerabilities (USN-3239-1)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Ubuntu Security Notice USN-3239-1. The text 
    # itself is copyright (C) Canonical, Inc. See 
    # <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered 
    # trademark of Canonical, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(97856);
      script_version("3.6");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/22");
    
      script_cve_id("CVE-2015-5180", "CVE-2015-8982", "CVE-2015-8983", "CVE-2015-8984", "CVE-2016-1234", "CVE-2016-3706", "CVE-2016-4429", "CVE-2016-5417", "CVE-2016-6323");
      script_xref(name:"USN", value:"3239-1");
    
      script_name(english:"Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS : eglibc, glibc vulnerabilities (USN-3239-1)");
      script_summary(english:"Checks dpkg output for updated package.");
    
      script_set_attribute(
        attribute:"synopsis",
        value:"The remote Ubuntu host is missing a security-related patch."
      );
      script_set_attribute(
        attribute:"description",
        value:
    "It was discovered that the GNU C Library incorrectly handled the
    strxfrm() function. An attacker could use this issue to cause a denial
    of service or possibly execute arbitrary code. This issue only
    affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2015-8982)
    
    It was discovered that an integer overflow existed in the
    _IO_wstr_overflow() function of the GNU C Library. An attacker could
    use this to cause a denial of service or possibly execute arbitrary
    code. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS.
    (CVE-2015-8983)
    
    It was discovered that the fnmatch() function in the GNU C Library did
    not properly handle certain malformed patterns. An attacker could use
    this to cause a denial of service. This issue only affected Ubuntu
    12.04 LTS and Ubuntu 14.04 LTS. (CVE-2015-8984)
    
    Alexander Cherepanov discovered a stack-based buffer overflow in the
    glob implementation of the GNU C Library. An attacker could use this
    to specially craft a directory layout and cause a denial of service.
    (CVE-2016-1234)
    
    Florian Weimer discovered a NULL pointer dereference in the DNS
    resolver of the GNU C Library. An attacker could use this to cause a
    denial of service. (CVE-2015-5180)
    
    Michael Petlan discovered an unbounded stack allocation in the
    getaddrinfo() function of the GNU C Library. An attacker could use
    this to cause a denial of service. (CVE-2016-3706)
    
    Aldy Hernandez discovered an unbounded stack allocation in the sunrpc
    implementation in the GNU C Library. An attacker could use this to
    cause a denial of service. (CVE-2016-4429)
    
    Tim Ruehsen discovered that the getaddrinfo() implementation in the
    GNU C Library did not properly track memory allocations. An attacker
    could use this to cause a denial of service. This issue only affected
    Ubuntu 16.04 LTS. (CVE-2016-5417)
    
    Andreas Schwab discovered that the GNU C Library on ARM 32-bit
    platforms did not properly set up execution contexts. An attacker
    could use this to cause a denial of service. (CVE-2016-6323).
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Ubuntu security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://usn.ubuntu.com/3239-1/"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected libc6 package.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libc6");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:12.04:-:lts");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:14.04");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:16.04");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2016/06/01");
      script_set_attribute(attribute:"patch_publication_date", value:"2017/03/20");
      script_set_attribute(attribute:"plugin_publication_date", value:"2017/03/21");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"Ubuntu Security Notice (C) 2017-2020 Canonical, Inc. / NASL script (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Ubuntu Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("ubuntu.inc");
    include("misc_func.inc");
    
    if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/Ubuntu/release");
    if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu");
    release = chomp(release);
    if (! preg(pattern:"^(12\.04|14\.04|16\.04)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 12.04 / 14.04 / 16.04", "Ubuntu " + release);
    if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu);
    
    flag = 0;
    
    if (ubuntu_check(osver:"12.04", pkgname:"libc6", pkgver:"2.15-0ubuntu10.16")) flag++;
    if (ubuntu_check(osver:"14.04", pkgname:"libc6", pkgver:"2.19-0ubuntu6.10")) flag++;
    if (ubuntu_check(osver:"16.04", pkgname:"libc6", pkgver:"2.23-0ubuntu6")) flag++;
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_WARNING,
        extra      : ubuntu_report_get()
      );
      exit(0);
    }
    else
    {
      tested = ubuntu_pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libc6");
    }
    
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2016-57CBA655D5.NASL
    descriptionThis update addresses user-reported bugs and one minor security vulnerability (CVE-2016-6323, affects armhfp only). Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2016-11-15
    plugin id94809
    published2016-11-15
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/94809
    titleFedora 25 : glibc (2016-57cba655d5)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Fedora Security Advisory FEDORA-2016-57cba655d5.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(94809);
      script_version("2.3");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04");
    
      script_cve_id("CVE-2016-6323");
      script_xref(name:"FEDORA", value:"2016-57cba655d5");
    
      script_name(english:"Fedora 25 : glibc (2016-57cba655d5)");
      script_summary(english:"Checks rpm output for the updated package.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Fedora host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This update addresses user-reported bugs and one minor security
    vulnerability (CVE-2016-6323, affects armhfp only).
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Fedora update system website.
    Tenable has attempted to automatically clean and format it as much as
    possible without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bodhi.fedoraproject.org/updates/FEDORA-2016-57cba655d5"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected glibc package.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:glibc");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:25");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2016/10/07");
      script_set_attribute(attribute:"patch_publication_date", value:"2016/08/27");
      script_set_attribute(attribute:"plugin_publication_date", value:"2016/11/15");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Fedora Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
    os_ver = pregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
    os_ver = os_ver[1];
    if (! preg(pattern:"^25([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 25", "Fedora " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"FC25", reference:"glibc-2.24-3.fc25")) flag++;
    
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_WARNING,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "glibc");
    }
    
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2016-1149.NASL
    descriptionThis update for glibc fixes the following issues : Security issues fixed : - arm: mark __startcontext as .cantunwind (CVE-2016-6323, boo#994359, BZ #20435) Bugs fixed : - aarch64: Merge __local_multiple_threads offset with memory reference - Fix memory leak in regexp compiler (BZ #17069) - Provide correct buffer length to netgroup queries in nscd (BZ #16695) - Use NSS_STATUS_TRYAGAIN to indicate insufficient buffer (BZ #16878) - aarch64: End frame record chain correctly (BZ #17555) - _IO_wstr_overflow integer overflow (BZ #17269) - Fix nscd lookup when netgroup has wildcards (BZ #16758, BZ #16759) - Avoid overlapping addresses to stpcpy calls in nscd (BZ #16760) - resolv: Always set *resplen2 out parameter in send_dg (boo#994576, BZ #19791) - Fix memory handling in strxfrm_l (BZ #16009) - Harden tls_dtor_list with pointer mangling (BZ #19018) - open and openat ignore
    last seen2020-06-05
    modified2016-10-05
    plugin id93852
    published2016-10-05
    reporterThis script is Copyright (C) 2016-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/93852
    titleopenSUSE Security Update : glibc (openSUSE-2016-1149)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update openSUSE-2016-1149.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(93852);
      script_version("2.4");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04");
    
      script_cve_id("CVE-2016-6323");
    
      script_name(english:"openSUSE Security Update : glibc (openSUSE-2016-1149)");
      script_summary(english:"Check for the openSUSE-2016-1149 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This update for glibc fixes the following issues :
    
    Security issues fixed :
    
      - arm: mark __startcontext as .cantunwind (CVE-2016-6323,
        boo#994359, BZ #20435)
    
    Bugs fixed :
    
      - aarch64: Merge __local_multiple_threads offset with
        memory reference
    
      - Fix memory leak in regexp compiler (BZ #17069)
    
      - Provide correct buffer length to netgroup queries in
        nscd (BZ #16695)
    
      - Use NSS_STATUS_TRYAGAIN to indicate insufficient buffer
        (BZ #16878)
    
      - aarch64: End frame record chain correctly (BZ #17555)
    
      - _IO_wstr_overflow integer overflow (BZ #17269)
    
      - Fix nscd lookup when netgroup has wildcards (BZ #16758,
        BZ #16759)
    
      - Avoid overlapping addresses to stpcpy calls in nscd (BZ
        #16760)
    
      - resolv: Always set *resplen2 out parameter in send_dg
        (boo#994576, BZ #19791)
    
      - Fix memory handling in strxfrm_l (BZ #16009)
    
      - Harden tls_dtor_list with pointer mangling (BZ #19018)
    
      - open and openat ignore 'mode' with O_TMPFILE in flags
        (BZ #17523)"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=994359"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=994576"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected glibc packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-debuginfo-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-devel-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-devel-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-devel-debuginfo-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-devel-static");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-devel-static-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-extra");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-extra-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-html");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-i18ndata");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-info");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-locale");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-locale-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-locale-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-locale-debuginfo-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-obsolete");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-obsolete-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-profile");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-profile-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-utils");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-utils-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-utils-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-utils-debuginfo-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:glibc-utils-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:nscd");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:nscd-debuginfo");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:13.2");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2016/10/04");
      script_set_attribute(attribute:"plugin_publication_date", value:"2016/10/05");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2016-2020 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE13\.2)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "13.2", release);
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);
    
    flag = 0;
    
    if ( rpm_check(release:"SUSE13.2", reference:"glibc-2.19-16.28.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"glibc-debuginfo-2.19-16.28.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"glibc-debugsource-2.19-16.28.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"glibc-devel-2.19-16.28.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"glibc-devel-debuginfo-2.19-16.28.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"glibc-devel-static-2.19-16.28.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"glibc-extra-2.19-16.28.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"glibc-extra-debuginfo-2.19-16.28.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"glibc-html-2.19-16.28.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"glibc-i18ndata-2.19-16.28.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"glibc-info-2.19-16.28.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"glibc-locale-2.19-16.28.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"glibc-locale-debuginfo-2.19-16.28.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"glibc-obsolete-2.19-16.28.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"glibc-obsolete-debuginfo-2.19-16.28.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"glibc-profile-2.19-16.28.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"glibc-utils-2.19-16.28.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"glibc-utils-debuginfo-2.19-16.28.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"glibc-utils-debugsource-2.19-16.28.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"nscd-2.19-16.28.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"nscd-debuginfo-2.19-16.28.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", cpu:"x86_64", reference:"glibc-32bit-2.19-16.28.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", cpu:"x86_64", reference:"glibc-debuginfo-32bit-2.19-16.28.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", cpu:"x86_64", reference:"glibc-devel-32bit-2.19-16.28.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", cpu:"x86_64", reference:"glibc-devel-debuginfo-32bit-2.19-16.28.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", cpu:"x86_64", reference:"glibc-devel-static-32bit-2.19-16.28.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", cpu:"x86_64", reference:"glibc-locale-32bit-2.19-16.28.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", cpu:"x86_64", reference:"glibc-locale-debuginfo-32bit-2.19-16.28.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", cpu:"x86_64", reference:"glibc-profile-32bit-2.19-16.28.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", cpu:"x86_64", reference:"glibc-utils-32bit-2.19-16.28.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", cpu:"x86_64", reference:"glibc-utils-debuginfo-32bit-2.19-16.28.1") ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "glibc-utils / glibc-utils-32bit / glibc-utils-debuginfo / etc");
    }
    
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2016-7E57EDC4CC.NASL
    descriptionSecurity fix for CVE-2016-6323. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2016-10-20
    plugin id94148
    published2016-10-20
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/94148
    titleFedora 24 : glibc-arm-linux-gnu (2016-7e57edc4cc)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Fedora Security Advisory FEDORA-2016-7e57edc4cc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(94148);
      script_version("2.3");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04");
    
      script_cve_id("CVE-2016-6323");
      script_xref(name:"FEDORA", value:"2016-7e57edc4cc");
    
      script_name(english:"Fedora 24 : glibc-arm-linux-gnu (2016-7e57edc4cc)");
      script_summary(english:"Checks rpm output for the updated package.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Fedora host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Security fix for CVE-2016-6323.
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Fedora update system website.
    Tenable has attempted to automatically clean and format it as much as
    possible without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bodhi.fedoraproject.org/updates/FEDORA-2016-7e57edc4cc"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected glibc-arm-linux-gnu package."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:glibc-arm-linux-gnu");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:24");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2016/10/07");
      script_set_attribute(attribute:"patch_publication_date", value:"2016/10/19");
      script_set_attribute(attribute:"plugin_publication_date", value:"2016/10/20");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Fedora Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
    os_ver = pregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
    os_ver = os_ver[1];
    if (! preg(pattern:"^24([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 24", "Fedora " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"FC24", reference:"glibc-arm-linux-gnu-2.24-2.fc24")) flag++;
    
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_WARNING,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "glibc-arm-linux-gnu");
    }
    
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2016-5F050A0A6D.NASL
    descriptionThis update addresses user-reported bugs and one minor security vulnerability (CVE-2016-6323, affects armhfp only). Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2016-08-22
    plugin id93056
    published2016-08-22
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/93056
    titleFedora 24 : glibc (2016-5f050a0a6d)
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201706-19.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201706-19 (GNU C Library: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in the GNU C Library. Please review the CVE identifiers and Qualys&rsquo; security advisory referenced below for details. Impact : An attacker could possibly execute arbitrary code with the privileges of the process, escalate privileges or cause a Denial of Service condition. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id100945
    published2017-06-21
    reporterThis script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/100945
    titleGLSA-201706-19 : GNU C Library: Multiple vulnerabilities (Stack Clash)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-3239-3.NASL
    descriptionUSN-3239-1 fixed vulnerabilities in the GNU C Library. Unfortunately, the fix for CVE-2016-3706 introduced a regression that in some circumstances prevented IPv6 addresses from resolving. This update reverts the change in Ubuntu 12.04 LTS. We apologize for the error. It was discovered that the GNU C Library incorrectly handled the strxfrm() function. An attacker could use this issue to cause a denial of service or possibly execute arbitrary code. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2015-8982) It was discovered that an integer overflow existed in the _IO_wstr_overflow() function of the GNU C Library. An attacker could use this to cause a denial of service or possibly execute arbitrary code. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2015-8983) It was discovered that the fnmatch() function in the GNU C Library did not properly handle certain malformed patterns. An attacker could use this to cause a denial of service. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2015-8984) Alexander Cherepanov discovered a stack-based buffer overflow in the glob implementation of the GNU C Library. An attacker could use this to specially craft a directory layout and cause a denial of service. (CVE-2016-1234) Michael Petlan discovered an unbounded stack allocation in the getaddrinfo() function of the GNU C Library. An attacker could use this to cause a denial of service. (CVE-2016-3706) Aldy Hernandez discovered an unbounded stack allocation in the sunrpc implementation in the GNU C Library. An attacker could use this to cause a denial of service. (CVE-2016-4429) Tim Ruehsen discovered that the getaddrinfo() implementation in the GNU C Library did not properly track memory allocations. An attacker could use this to cause a denial of service. This issue only affected Ubuntu 16.04 LTS. (CVE-2016-5417) Andreas Schwab discovered that the GNU C Library on ARM 32-bit platforms did not properly set up execution contexts. An attacker could use this to cause a denial of service. (CVE-2016-6323). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id97936
    published2017-03-24
    reporterUbuntu Security Notice (C) 2017-2019 Canonical, Inc. / NASL script (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/97936
    titleUbuntu 12.04 LTS : eglibc regression (USN-3239-3)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2016-87DDE780B8.NASL
    descriptionThis update addresses user-reported bugs and one minor security vulnerability (CVE-2016-6323, which affects only armhfp). Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2016-09-06
    plugin id93329
    published2016-09-06
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/93329
    titleFedora 23 : glibc (2016-87dde780b8)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2016-B4C1B24A74.NASL
    descriptionSecurity fix for CVE-2016-6323. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2016-10-21
    plugin id94186
    published2016-10-21
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/94186
    titleFedora 23 : glibc-arm-linux-gnu (2016-b4c1b24a74)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-3239-2.NASL
    descriptionUSN-3239-1 fixed vulnerabilities in the GNU C Library. Unfortunately, the fix for CVE-2015-5180 introduced an internal ABI change within the resolver library. This update reverts the change. We apologize for the inconvenience. Please note that long-running services that were restarted to compensate for the USN-3239-1 update may need to be restarted again. It was discovered that the GNU C Library incorrectly handled the strxfrm() function. An attacker could use this issue to cause a denial of service or possibly execute arbitrary code. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2015-8982) It was discovered that an integer overflow existed in the _IO_wstr_overflow() function of the GNU C Library. An attacker could use this to cause a denial of service or possibly execute arbitrary code. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2015-8983) It was discovered that the fnmatch() function in the GNU C Library did not properly handle certain malformed patterns. An attacker could use this to cause a denial of service. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2015-8984) Alexander Cherepanov discovered a stack-based buffer overflow in the glob implementation of the GNU C Library. An attacker could use this to specially craft a directory layout and cause a denial of service. (CVE-2016-1234) Florian Weimer discovered a NULL pointer dereference in the DNS resolver of the GNU C Library. An attacker could use this to cause a denial of service. (CVE-2015-5180) Michael Petlan discovered an unbounded stack allocation in the getaddrinfo() function of the GNU C Library. An attacker could use this to cause a denial of service. (CVE-2016-3706) Aldy Hernandez discovered an unbounded stack allocation in the sunrpc implementation in the GNU C Library. An attacker could use this to cause a denial of service. (CVE-2016-4429) Tim Ruehsen discovered that the getaddrinfo() implementation in the GNU C Library did not properly track memory allocations. An attacker could use this to cause a denial of service. This issue only affected Ubuntu 16.04 LTS. (CVE-2016-5417) Andreas Schwab discovered that the GNU C Library on ARM 32-bit platforms did not properly set up execution contexts. An attacker could use this to cause a denial of service. (CVE-2016-6323). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id97887
    published2017-03-22
    reporterUbuntu Security Notice (C) 2017-2019 Canonical, Inc. / NASL script (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/97887
    titleUbuntu 12.04 LTS / 14.04 LTS / 16.04 LTS : eglibc, glibc regression (USN-3239-2)

References