Multiple vulnerabilities in GNU Glibc
Security Bulletin
This security bulletin contains information about 3 vulnerabilities.
1) Input validation error
EUVDB-ID: #VU110110
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2013-7423
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to corrupt data.
The send_dg function in resolv/res_send.c in GNU C Library (aka glibc or libc6) before 2.20 does not properly reuse file descriptors, which allows remote attackers to send DNS queries to unintended locations via a large number of requests that trigger a call to the getaddrinfo function.
MitigationInstall update from vendor's website.
Vulnerable software versionsGlibc: 0.1 - 2.1.97
CPE2.3- cpe:2.3:a:gnu:glibc:0.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:glibc:0.4:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:glibc:0.4.1:*:*:*:*:*:*:*
https://www.openwall.com/lists/oss-security/2015/01/28/20
https://github.com/golang/go/issues/6336
https://lists.opensuse.org/opensuse-updates/2015-02/msg00089.html
https://sourceware.org/bugzilla/show_bug.cgi?id=15946
https://www.ubuntu.com/usn/USN-2519-1
https://www.securityfocus.com/bid/72844
https://security.gentoo.org/glsa/201602-02
https://access.redhat.com/errata/RHSA-2016:1207
https://rhn.redhat.com/errata/RHSA-2015-0863.html
https://seclists.org/fulldisclosure/2021/Sep/0
https://packetstormsecurity.com/files/164014/Moxa-Command-Injection-Cross-Site-Scripting-Vulnerable-Software.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Buffer overflow
EUVDB-ID: #VU110106
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2015-5277
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The get_contents function in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or libc6) before 2.20 might allow local users to cause a denial of service (heap corruption) or gain privileges via a long line in the NSS files database.
MitigationInstall update from vendor's website.
Vulnerable software versionsGlibc: 0.1 - 2.1.97
CPE2.3- cpe:2.3:a:gnu:glibc:0.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:glibc:0.4:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:glibc:0.4.1:*:*:*:*:*:*:*
https://bugzilla.redhat.com/show_bug.cgi?id=1262914
https://sourceware.org/bugzilla/show_bug.cgi?id=17079
https://www.securitytracker.com/id/1034196
https://rhn.redhat.com/errata/RHSA-2015-2172.html
https://sourceware.org/ml/libc-alpha/2014-09/msg00088.html
https://www.ubuntu.com/usn/USN-2985-2
https://www.ubuntu.com/usn/USN-2985-1
https://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
https://www.securityfocus.com/bid/78092
https://security.gentoo.org/glsa/201702-11
https://seclists.org/fulldisclosure/2019/Sep/7
https://seclists.org/bugtraq/2019/Sep/7
https://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Buffer overflow
EUVDB-ID: #VU110096
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2014-9984
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to execute arbitrary code.
nscd in the GNU C Library (aka glibc or libc6) before version 2.20 does not correctly compute the size of an internal buffer when processing netgroup requests, possibly leading to an nscd daemon crash or code execution as the user running nscd.
MitigationInstall update from vendor's website.
Vulnerable software versionsGlibc: 0.1 - 2.1.97
CPE2.3- cpe:2.3:a:gnu:glibc:0.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:glibc:0.4:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:glibc:0.4.1:*:*:*:*:*:*:*
https://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html
https://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html
https://seclists.org/fulldisclosure/2019/Jun/18
https://seclists.org/fulldisclosure/2019/Sep/7
https://www.securityfocus.com/bid/99071
https://seclists.org/bugtraq/2019/Jun/14
https://seclists.org/bugtraq/2019/Sep/7
https://sourceware.org/bugzilla/show_bug.cgi?id=16695
https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=c44496df2f090a56d3bf75df930592dac6bba46f
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
