Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Summary
Title glibc security update
Informations
Name RHSA-2015:0099 First vendor Publication 2015-01-28
Vendor RedHat Last vendor Modification 2015-01-28
Severity (Vendor) Critical Revision 01

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score 10 Attack Range Network
Cvss Impact Score 10 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Problem Description:

Updated glibc packages that fix one security issue are now available for Red Hat Enterprise Linux 5.6 Long Life, Red Hat Enterprise Linux 5.9 Extended Update Support, Red Hat Enterprise Linux 6.2 Advanced Update Support, and Red Hat Enterprise Linux 6.4 and 6.5 Extended Update Support.

Red Hat Product Security has rated this update as having Critical security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AUS (v. 6.2 server) - x86_64 Red Hat Enterprise Linux Compute Node Optional EUS (v. 6.4) - x86_64 Red Hat Enterprise Linux Compute Node Optional EUS (v. 6.5) - x86_64 Red Hat Enterprise Linux EUS (v. 5.9 server) - i386, ia64, ppc, s390x, x86_64 Red Hat Enterprise Linux HPC Node EUS (v. 6.4) - x86_64 Red Hat Enterprise Linux HPC Node EUS (v. 6.5) - x86_64 Red Hat Enterprise Linux LL (v. 5.6 server) - i386, ia64, x86_64 Red Hat Enterprise Linux Server EUS (v. 6.4) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server EUS (v. 6.5) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 6.2) - x86_64 Red Hat Enterprise Linux Server Optional EUS (v. 6.4) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional EUS (v. 6.5) - i386, ppc64, s390x, x86_64

3. Description:

The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the Name Server Caching Daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly.

A heap-based buffer overflow was found in glibc's __nss_hostname_digits_dots() function, which is used by the gethostbyname() and gethostbyname2() glibc function calls. A remote attacker able to make an application call either of these functions could use this flaw to execute arbitrary code with the permissions of the user running the application. (CVE-2015-0235)

Red Hat would like to thank Qualys for reporting this issue.

All glibc users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1183461 - CVE-2015-0235 glibc: __nss_hostname_digits_dots() heap-based buffer overflow

Original Source

Url : https://rhn.redhat.com/errata/RHSA-2015-0099.html

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-787 Out-of-bounds Write (CWE/SANS Top 25)

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:28360
 
Oval ID: oval:org.mitre.oval:def:28360
Title: RHSA-2015:0090 -- glibc security update (Critical)
Description: The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the Name Server Caching Daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. A heap-based buffer overflow was found in glibc's __nss_hostname_digits_dots() function, which is used by the gethostbyname() and gethostbyname2() glibc function calls. A remote attacker able to make an application call either of these functions could use this flaw to execute arbitrary code with the permissions of the user running the application. (CVE-2015-0235) Red Hat would like to thank Qualys for reporting this issue. All glibc users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue.
Family: unix Class: patch
Reference(s): RHSA-2015:0090
CESA-2015:0090
CVE-2015-0235
Version: 3
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Product(s): glibc
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28438
 
Oval ID: oval:org.mitre.oval:def:28438
Title: RHSA-2015:0092 -- glibc security update (Critical)
Description: The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the Name Server Caching Daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. A heap-based buffer overflow was found in glibc's __nss_hostname_digits_dots() function, which is used by the gethostbyname() and gethostbyname2() glibc function calls. A remote attacker able to make an application call either of these functions could use this flaw to execute arbitrary code with the permissions of the user running the application. (CVE-2015-0235) Red Hat would like to thank Qualys for reporting this issue. All glibc users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue.
Family: unix Class: patch
Reference(s): RHSA-2015:0092
CESA-2015:0092-CentOS 6
CESA-2015:0092-CentOS 7
CVE-2015-0235
Version: 3
Platform(s): Red Hat Enterprise Linux 6
Red Hat Enterprise Linux 7
CentOS Linux 6
CentOS Linux 7
Product(s): glibc
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28503
 
Oval ID: oval:org.mitre.oval:def:28503
Title: USN-2485-1 -- GNU C Library vulnerability
Description: It was discovered that a buffer overflow existed in the gethostbyname and gethostbyname2 functions in the GNU C Library. An attacker could use this issue to execute arbitrary code or cause an application crash, resulting in a denial of service.
Family: unix Class: patch
Reference(s): USN-2485-1
CVE-2015-0235
Version: 3
Platform(s): Ubuntu 12.04
Ubuntu 10.04
Product(s): eglibc
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28528
 
Oval ID: oval:org.mitre.oval:def:28528
Title: DSA-3142-1 -- eglibc -- security update
Description: Several vulnerabilities have been fixed in eglibc, Debian's version of the GNU C library.
Family: unix Class: patch
Reference(s): DSA-3142-1
CVE-2012-6656
CVE-2014-6040
CVE-2014-7817
CVE-2015-0235
Version: 3
Platform(s): Debian GNU/Linux 7.0
Debian GNU/kFreeBSD 7.0
Product(s): eglibc
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28622
 
Oval ID: oval:org.mitre.oval:def:28622
Title: ELSA-2015-0092 -- glibc security update (critical)
Description: [2.17-55.0.4.el7_0.5] - Remove strstr and strcasestr implementations using sse4.2 instructions. - Upstream commits 584b18eb4df61ccd447db2dfe8c8a7901f8c8598 and 1818483b15d22016b0eae41d37ee91cc87b37510 backported. (Jose E. Marchesi) [2.17-55.5] - Rebuild and run regression testing. [2.17-55.4] - Fix parsing of numeric hosts in gethostbyname_r (CVE-2015-0235, #1183535). [2.17-55.3] - Fix wordexp() to honour WRDE_NOCMD (CVE-2014-7817, #1170118) [2.17-55.2] - ftell: seek to end only when there are unflushed bytes (#1170187). [2.17-55.1] - Remove gconv transliteration loadable modules support (CVE-2014-5119, - _nl_find_locale: Improve handling of crafted locale names (CVE-2014-0475,
Family: unix Class: patch
Reference(s): ELSA-2015-0092
CVE-2015-0235
Version: 3
Platform(s): Oracle Linux 6
Oracle Linux 7
Product(s): glibc
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28638
 
Oval ID: oval:org.mitre.oval:def:28638
Title: ELSA-2015-0090 -- glibc security update (critical)
Description: [2.5-123.0.1.el5_11.1] - Switch to use malloc when the input line is too long [Orabug 19951108] - Use a /sys/devices/system/cpu/online for _SC_NPROCESSORS_ONLN implementation [Orabug 17642251] (Joe Jin) [2.5-123.1] - Fix parsing of numeric hosts in gethostbyname_r (CVE-2015-0235, #1183532).
Family: unix Class: patch
Reference(s): ELSA-2015-0090
CVE-2015-0235
Version: 3
Platform(s): Oracle Linux 5
Product(s): glibc
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 2
Application 111
Application 3
Application 1
Application 1
Application 1
Application 1
Application 1
Application 5
Application 6
Application 2
Application 3
Application 2
Application 186
Application 616
Application 1
Os 104
Os 2
Os 2

Snort® IPS/IDS

Date Description
2016-09-27 WordPress pingback gethostbyname heap buffer overflow attempt
RuleID : 39925 - Revision : 2 - Type : SERVER-WEBAPP
2015-03-04 WordPress pingback gethostbyname heap buffer overflow attempt
RuleID : 33275 - Revision : 2 - Type : SERVER-WEBAPP
2015-03-04 Exim gethostbyname heap buffer overflow attempt
RuleID : 33226 - Revision : 3 - Type : SERVER-MAIL
2015-03-04 Exim gethostbyname heap buffer overflow attempt
RuleID : 33225 - Revision : 4 - Type : SERVER-MAIL

Nessus® Vulnerability Scanner

Date Description
2017-12-04 Name : The remote host is missing a vendor-supplied security patch.
File : check_point_gaia_sk104443.nasl - Type : ACT_GATHER_INFO
2016-07-19 Name : The remote device is affected by a remote code execution vulnerability.
File : cisco-sa-20150128-ghost-nxos.nasl - Type : ACT_GATHER_INFO
2016-02-17 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2016-0013.nasl - Type : ACT_GATHER_INFO
2015-12-11 Name : The remote multi-function device is affected by multiple vulnerabilities.
File : xerox_xrx15r.nasl - Type : ACT_GATHER_INFO
2015-12-11 Name : The remote multi-function device is affected by multiple vulnerabilities.
File : xerox_xrx15ad_colorqube.nasl - Type : ACT_GATHER_INFO
2015-11-10 Name : The remote host is missing a Mac OS X update that fixes multiple security vul...
File : macosx_SecUpd2015-007.nasl - Type : ACT_GATHER_INFO
2015-10-29 Name : The remote host is missing a Mac OS X update that fixes multiple security vul...
File : macosx_10_11_1.nasl - Type : ACT_GATHER_INFO
2015-10-05 Name : The remote host is missing a Mac OS X update that fixes multiple security vul...
File : macosx_10_11.nasl - Type : ACT_GATHER_INFO
2015-09-18 Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL16057.nasl - Type : ACT_GATHER_INFO
2015-08-17 Name : The remote host is missing a vendor-supplied security patch.
File : cisco_cups_CSCus69785.nasl - Type : ACT_GATHER_INFO
2015-07-01 Name : The remote host is missing a Mac OS X update that fixes multiple security vul...
File : macosx_SecUpd2015-005.nasl - Type : ACT_GATHER_INFO
2015-07-01 Name : The remote host is missing a Mac OS X update that fixes multiple security vul...
File : macosx_10_10_4.nasl - Type : ACT_GATHER_INFO
2015-03-26 Name : The remote Debian host is missing a security update.
File : debian_DLA-139.nasl - Type : ACT_GATHER_INFO
2015-03-25 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2015-494.nasl - Type : ACT_GATHER_INFO
2015-03-17 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2015-493.nasl - Type : ACT_GATHER_INFO
2015-03-09 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201503-04.nasl - Type : ACT_GATHER_INFO
2015-03-05 Name : The remote Fedora host is missing a security update.
File : fedora_2015-2328.nasl - Type : ACT_GATHER_INFO
2015-03-02 Name : The remote device is missing a vendor-supplied security patch.
File : cisco-sa-20150128-ghost-iosxr_NCS6K.nasl - Type : ACT_GATHER_INFO
2015-03-02 Name : The remote device is missing a vendor-supplied security patch.
File : cisco-sa-20150128-ghost-iosxe_nova.nasl - Type : ACT_GATHER_INFO
2015-03-02 Name : The remote device is missing a vendor-supplied security patch.
File : cisco-sa-20150128-ghost-iosxe_multi.nasl - Type : ACT_GATHER_INFO
2015-02-27 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_f7a9e415bdca11e4970c000c292ee6b8.nasl - Type : ACT_GATHER_INFO
2015-02-26 Name : The remote device is affected by a buffer overflow vulnerability.
File : cisco_cucm_CSCus66650-GHOST.nasl - Type : ACT_GATHER_INFO
2015-02-25 Name : The remote web server uses a version of PHP that is affected by multiple vuln...
File : php_5_6_6.nasl - Type : ACT_GATHER_INFO
2015-02-25 Name : The remote web server uses a version of PHP that is affected by multiple vuln...
File : php_5_5_22.nasl - Type : ACT_GATHER_INFO
2015-02-25 Name : The remote web server uses a version of PHP that is affected by multiple vuln...
File : php_5_4_38.nasl - Type : ACT_GATHER_INFO
2015-02-24 Name : The remote Fedora host is missing a security update.
File : fedora_2015-2315.nasl - Type : ACT_GATHER_INFO
2015-02-20 Name : The remote device is affected by a buffer overflow vulnerability.
File : cisco-sa-20150128-ace.nasl - Type : ACT_GATHER_INFO
2015-02-18 Name : The version of Cisco TelePresence Video Communication Server installed on the...
File : cisco_telepresence_vcs_CSCus69558.nasl - Type : ACT_GATHER_INFO
2015-02-18 Name : The remote Cisco TelePresence Conductor device is affected by a buffer overfl...
File : cisco_telepresence_conductor_CSCus69523.nasl - Type : ACT_GATHER_INFO
2015-02-11 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2015-039.nasl - Type : ACT_GATHER_INFO
2015-02-06 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2015-0126.nasl - Type : ACT_GATHER_INFO
2015-02-04 Name : The remote host is affected by a buffer overflow vulnerability.
File : palo_alto_PAN-SA-2015-0002.nasl - Type : ACT_GATHER_INFO
2015-02-03 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2015-84.nasl - Type : ACT_GATHER_INFO
2015-02-02 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_glibc-9035.nasl - Type : ACT_GATHER_INFO
2015-02-02 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2015-0024.nasl - Type : ACT_GATHER_INFO
2015-02-02 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2015-0023.nasl - Type : ACT_GATHER_INFO
2015-01-30 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-0101.nasl - Type : ACT_GATHER_INFO
2015-01-30 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2015-0022.nasl - Type : ACT_GATHER_INFO
2015-01-30 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2015-0101.nasl - Type : ACT_GATHER_INFO
2015-01-29 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-0099.nasl - Type : ACT_GATHER_INFO
2015-01-29 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2015-028-01.nasl - Type : ACT_GATHER_INFO
2015-01-29 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_0765de84a6c111e4a0c1c485083ca99c.nasl - Type : ACT_GATHER_INFO
2015-01-28 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2015-0090.nasl - Type : ACT_GATHER_INFO
2015-01-28 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2485-1.nasl - Type : ACT_GATHER_INFO
2015-01-28 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20150127_glibc_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2015-01-28 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20150127_glibc_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2015-01-28 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-0092.nasl - Type : ACT_GATHER_INFO
2015-01-28 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-0090.nasl - Type : ACT_GATHER_INFO
2015-01-28 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2015-0092.nasl - Type : ACT_GATHER_INFO
2015-01-28 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-3142.nasl - Type : ACT_GATHER_INFO
2015-01-28 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2015-0092.nasl - Type : ACT_GATHER_INFO
2015-01-28 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2015-0090.nasl - Type : ACT_GATHER_INFO
2015-01-27 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2015-473.nasl - Type : ACT_GATHER_INFO
2015-01-27 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_glibc-150122.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
Date Informations
2016-01-22 09:26:32
  • Multiple Updates
2015-01-30 13:24:27
  • Multiple Updates
2015-01-29 21:29:43
  • Multiple Updates
2015-01-29 00:27:22
  • Multiple Updates
2015-01-28 21:23:43
  • First insertion