EulerOS 2.0 SP1 : glibc (EulerOS-SA-2017-1199)

This script is Copyright (C) 2017 Tenable Network Security, Inc.


Synopsis :

The remote EulerOS host is missing multiple security updates.

Description :

According to the versions of the glibc packages installed, the
EulerOS installation on the remote host is affected by the following
vulnerabilities :

- A stack overflow vulnerability was found in nan*
functions that could cause applications, which process
long strings with the nan function, to crash or,
potentially, execute arbitrary code. (CVE-2014-9761)

- It was found that out-of-range time values passed to
the strftime() function could result in an
out-of-bounds memory access. This could lead to
application crash or, potentially, information
disclosure. (CVE-2015-8776)

- An integer overflow vulnerability was found in
hcreate() and hcreate_r() functions which could result
in an out-of-bounds memory access. This could lead to
application crash or, potentially, arbitrary code
execution. (CVE-2015-8778)

- A stack based buffer overflow vulnerability was found
in the catopen() function. An excessively long string
passed to the function could cause it to crash or,
potentially, execute arbitrary code. (CVE-2015-8779)

- It was found that the dynamic loader did not sanitize
the LD_POINTER_GUARD environment variable. An attacker
could use this flaw to bypass the pointer guarding
protection on set-user-ID or set-group-ID programs to
execute arbitrary code with the permissions of the user
running the application. (CVE-2015-8777)

Note that Tenable Network Security has extracted the preceding
description block directly from the EulerOS security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.

See also :

http://www.nessus.org/u?bba3e03b

Solution :

Update the affected glibc packages.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 5.9
(CVSS2#E:POC/RL:OF/RC:ND)
Public Exploit Available : true

Family: Huawei Local Security Checks

Nessus Plugin ID: 103057 ()

Bugtraq ID:

CVE ID: CVE-2014-9761
CVE-2015-8776
CVE-2015-8777
CVE-2015-8778
CVE-2015-8779

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now