Lucene search
Ubuntu.comUB:CVE-2013-7423HistoryFeb 24, 2015 - 12:00 a.m.
CVE-2013-7423
2015-02-2400:00:00
ubuntu.com
ubuntu.com
12
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.003 Low
EPSS
Percentile
71.4%
The send_dg function in resolv/res_send.c in GNU C Library (aka glibc or
libc6) before 2.20 does not properly reuse file descriptors, which allows
remote attackers to send DNS queries to unintended locations via a large
number of requests that trigger a call to the getaddrinfo function.
Bugs
- <https://sourceware.org/bugzilla/show_bug.cgi?id=15946>
- <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=722075>
Notes
| Author | Note |
|---|---|
| mdeslaur | fixed by any/cvs-resolv-reuse-fd.diff in utopic |
Related
ibm
ibm
redhat
redhat
(RHSA-2016:1207) Moderate: glibc security update
2016-06-07 05:18:46
(RHSA-2015:0863) Moderate: glibc security and bug fix update
2015-04-21 00:00:00
(RHSA-2015:2199) Moderate: glibc security, bug fix, and enhancement update
2015-11-19 14:39:58
nessus
nessus
RHEL 6 : glibc (RHSA-2016:1207)
2016-06-07 00:00:00
Oracle Linux 6 : glibc (ELSA-2015-0863)
2015-04-22 00:00:00
Mandriva Linux Security Advisory : glibc (MDVSA-2015:218)
2015-05-01 00:00:00
prion
prion
Design/Logic Flaw
2015-02-24 15:59:00
f5
f5
K16841 : GNU C Library (glibc) vulnerability CVE-2013-7423
2015-11-12 00:00:00
SOL16841 - GNU C Library (glibc) vulnerability CVE-2013-7423
2015-07-02 00:00:00
cve
cve
CVE-2013-7423
2015-02-24 15:59:00
debiancve
debiancve
CVE-2013-7423
2015-02-24 15:59:00
openvas
openvas
RedHat Update for glibc RHSA-2015:0863-01
2015-04-22 00:00:00
Oracle Linux Local Check: ELSA-2015-0863
2015-10-06 00:00:00
CentOS Update for glibc CESA-2015:0863 centos6
2015-04-22 00:00:00
securityvulns
securityvulns
GNU glibc security vulnerabilities
2015-05-05 00:00:00
[ MDVSA-2015:218 ] glibc
2015-05-05 00:00:00
oraclelinux
oraclelinux
glibc security and bug fix update
2015-04-21 00:00:00
glibc security, bug fix, and enhancement update
2015-11-24 00:00:00
amazon
amazon
Medium: glibc
2015-04-22 16:12:00
Important: glibc
2015-12-14 10:00:00
centos
centos
glibc, nscd security update
2015-04-21 13:07:39
glibc, nscd security update
2015-11-30 19:30:07
ubuntu
ubuntu
GNU C Library vulnerabilities
2015-02-26 00:00:00
mageia
mageia
Updated glibc packages fix security vulnerabilities
2015-05-06 18:16:01
zdt
zdt
Moxa Command Injection / Cross Site Scripting Vulnerabilities
2021-09-01 00:00:00
packetstorm
packetstorm
Moxa Command Injection / Cross Site Scripting / Vulnerable Software
2021-09-01 00:00:00
gentoo
gentoo
GNU C Library: Multiple vulnerabilities
2016-02-17 00:00:00
debian
debian
[SECURITY] [DLA 165-1] eglibc security update
2015-03-06 15:39:53
osv
osv
eglibc - security update
2015-03-06 00:00:00
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.003 Low
EPSS
Percentile
71.4%
Related for UB:CVE-2013-7423