Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

This site is deprecated. Please CLICK HERE for latest updates

Short Name

 DNS:EXPLOIT:LIBCVE-2015-7547BO2

Severity

 Major

Recommended

 Yes

Recommended Action

 Drop

Category

 DNS

Keywords

 GNU C Library getaddrinfo CVE-2015-7547 Buffer Overflow 2

Release Date

 2016/02/23

Update Number

 2654

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

DNS: GNU C Library getaddrinfo CVE-2015-7547 Buffer Overflow 2


This signature detects an attempt to exploit a known vulnerability against DNS while parsing certain function implemented in libresolv library e.g. send_dg and send_vc functions. Successful exploitation could allow an attacker to cause a buffer overflow condition into the context of running DNS server which could lead to further attacks.

Extended Description

Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted DNS response that triggers a call to the getaddrinfo function with the AF_UNSPEC or AF_INET6 address family, related to performing "dual A/AAAA DNS queries" and the libnss_dns.so.2 NSS module.

Affected Products

  • Canonical ubuntu_linux 12.04
  • Canonical ubuntu_linux 14.04
  • Canonical ubuntu_linux 15.10
  • Debian debian_linux 8.0
  • F5 big-ip_access_policy_manager 12.0.0
  • F5 big-ip_advanced_firewall_manager 12.0.0
  • F5 big-ip_analytics 12.0.0
  • F5 big-ip_application_acceleration_manager 12.0.0
  • F5 big-ip_application_security_manager 12.0.0
  • F5 big-ip_domain_name_system 12.0.0
  • F5 big-ip_link_controller 12.0.0
  • F5 big-ip_local_traffic_manager 12.0.0
  • F5 big-ip_policy_enforcement_manager 12.0.0
  • Gnu glibc 2.10
  • Gnu glibc 2.10.1
  • Gnu glibc 2.11
  • Gnu glibc 2.11.1
  • Gnu glibc 2.11.2
  • Gnu glibc 2.11.3
  • Gnu glibc 2.12
  • Gnu glibc 2.12.1
  • Gnu glibc 2.12.2
  • Gnu glibc 2.13
  • Gnu glibc 2.14
  • Gnu glibc 2.14.1
  • Gnu glibc 2.15
  • Gnu glibc 2.16
  • Gnu glibc 2.17
  • Gnu glibc 2.18
  • Gnu glibc 2.19
  • Gnu glibc 2.20
  • Gnu glibc 2.21
  • Gnu glibc 2.22
  • Gnu glibc 2.9
  • Hp helion_openstack 1.1.1
  • Hp helion_openstack 2.0.0
  • Hp helion_openstack 2.1.0
  • Hp server_migration_pack 7.5
  • Opensuse opensuse 13.2
  • Oracle exalogic_infrastructure 1.0
  • Oracle exalogic_infrastructure 2.0
  • Oracle fujitsu_m10_firmware 2290
  • Redhat enterprise_linux_desktop 7.0
  • Redhat enterprise_linux_hpc_node 7.0
  • Redhat enterprise_linux_hpc_node_eus 7.2
  • Redhat enterprise_linux_server 7.0
  • Redhat enterprise_linux_server_aus 7.2
  • Redhat enterprise_linux_server_eus 7.2
  • Redhat enterprise_linux_workstation 7.0
  • Sophos unified_threat_management_software 9.319
  • Sophos unified_threat_management_software 9.355
  • Suse linux_enterprise_debuginfo 11.0
  • Suse linux_enterprise_desktop 11.0
  • Suse linux_enterprise_desktop 12
  • Suse linux_enterprise_server 11.0
  • Suse linux_enterprise_server 12
  • Suse linux_enterprise_software_development_kit 11.0
  • Suse linux_enterprise_software_development_kit 12
  • Suse suse_linux_enterprise_server 12

References

  • CVE: CVE-2015-7547
  • URL: https://googleonlinesecurity.blogspot.in/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out