FreeBSD : glibc -- getaddrinfo stack-based buffer overflow (2dd7e97e-d5e8-11e5-bcbd-bc5ff45d0f28)

Fabio Olive Leite reports : A stack-based buffer overflow was found in libresolv when invoked from nssdns, allowing specially crafted DNS responses to seize control of EIP in the DNS client. The buffer overflow occurs in the functions senddg send datagram and sendvc send TCP for the NSS module...

Debian DSA-3481-1 : glibc - security update

Several vulnerabilities have been fixed in the GNU C Library, glibc. The first vulnerability listed below is considered to have critical impact. - CVE-2015-7547 The Google Security Team and Red Hat discovered that the glibc host name resolver function, getaddrinfo, when processing AFUNSPEC querie...

glibc vulnerable to stack buffer overflow in DNS resolver

Overview GNU glibc contains a buffer overflow vulnerability in the DNS resolver, which may allow a remote attacker to execute arbitrary code. Description CWE-121: Stack-based Buffer Overflow - CVE-2015-7547According to a Google security blog post: "The glibc DNS client side resolver is vulnerable...

Debian DLA-416-1 : eglibc security update

Several vulnerabilities have been fixed in the Debian GNU C Library, eglibc : CVE-2015-7547 The Google Security Team and Red Hat discovered that the glibc host name resolver function, getaddrinfo, when processing AFUNSPEC queries for dual A/AAAA lookups, could mismange its internal buffers, leadi...

GNU glibc getaddrinfo() stack buffer overflow vulnerability

GNU glibc is an open source C compiler released under the LGPL license and is an implementation of the C library for the Linux operating system. A stack overflow vulnerability exists in the getaddrinfo function of glibc when processing a specific dns response packet, which can be exploited by an...

Oracle Linux 7 : glibc (ELSA-2016-0176)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2016-0176 advisory. - Revert problematic libresolv change, not needed for the CVE-2015-7547 fix 1296030. - Fix CVE-2015-7547: getaddrinfo stack-based buffer overflow...

glibc: getaddrinfo stack-based buffer overflow

A stack-based buffer overflow was found in the way the libresolv library performed dual A/AAAA DNS queries. A remote attacker could create a specially crafted DNS response which could cause libresolv to crash or, potentially, execute code with the permissions of the user running the library. Note...

[SECURITY] [DSA 3481-1] glibc security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3481-1 [email protected] https://www.debian.org/security/ Florian Weimer February 16, 2016 https://www.debian.org/security/faq -...

UBUNTU-CVE-2015-7547

Multiple stack-based buffer overflows in the 1 senddg and 2 sendvc functions in the libresolv library in the GNU C Library aka glibc or libc6 before 2.23 allow remote attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted DNS response that triggers a call to...

CVE-2015-7547

Multiple stack-based buffer overflows in the 1 senddg and 2 sendvc functions in the libresolv library in the GNU C Library aka glibc or libc6 before 2.23 allow remote attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted DNS response that triggers a call to...

glibc - getaddrinfo Stack Based Buffer Overflow (1)

Exploit for linux platform in category dos / poc Sources: https://googleonlinesecurity.blogspot.sg/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html https://github.com/fjserna/CVE-2015-7547 Technical information: glibc reserves 2048 bytes in the stack through alloca for the DNS answer at...

Security Advisory 0017

Security Advisory 0017 PDF Date: October 31st, 2017 Version: 1.6 Revision | Date | Changes ---|---|--- 1.0 | February 16th, 2016 | Initial release 1.1 | February 19th, 2016 | Updates include assessment and mitigation 1.2 | February 25th, 2016 | Updates include options for mitigation and protectio...

DLA-416-1 eglibc - security update

Bulletin has no description...

DSA-3481-1 glibc - security update

Bulletin has no description...

glibc -- getaddrinfo stack-based buffer overflow

Fabio Olive Leite reports: A stack-based buffer overflow was found in libresolv when invoked from nssdns, allowing specially crafted DNS responses to seize control of EIP in the DNS client. The buffer overflow occurs in the functions senddg send datagram and sendvc send TCP for the NSS module...

glibc - getaddrinfo Stack Buffer Overflow (PoC)

glibc - getaddrinfo Stack Buffer Overflow PoC Sources: https://googleonlinesecurity.blogspot.sg/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html https://github.com/fjserna/CVE-2015-7547 Technical information: glibc reserves 2048 bytes in the stack through alloca for the DNS answer at...

glibc - 'getaddrinfo' Stack Buffer Overflow (PoC)

Sources: https://googleonlinesecurity.blogspot.sg/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html https://github.com/fjserna/CVE-2015-7547 Technical information: glibc reserves 2048 bytes in the stack through alloca for the DNS answer at nssdnsgethostbyname4r for hosting responses to a DNS...

VMware ESXi Multiple DoS (VMSA-2014-0008)

The remote ESXi host is affected by multiple denial of service vulnerabilities in the glibc library : - A buffer overflow condition exists in the extendbuffers function in file posix/regexec.c due to improper validation of user-supplied input when handling multibyte characters in a regular...

openvpn: out-of-bound read

The code always tried to copy-out a "struct sockaddrin6" even for IPv4 results, which reads more bytes than getaddrinfo is guaranteed to allocate...

glibc: getaddrinfo() writes DNS queries to random file descriptors under high load

It was discovered that, under certain circumstances, glibc's getaddrinfo function would send DNS queries to random file descriptors. An attacker could potentially use this flaw to send DNS queries to unintended recipients, resulting in information disclosure or data loss due to the application...