FreeBSD : glibc -- getaddrinfo stack-based buffer overflow (2dd7e97e-d5e8-11e5-bcbd-bc5ff45d0f28)

This script is Copyright (C) 2016-2017 Tenable Network Security, Inc.

Synopsis :

The remote FreeBSD host is missing one or more security-related

Description :

Fabio Olive Leite reports :

A stack-based buffer overflow was found in libresolv when invoked from
nss_dns, allowing specially crafted DNS responses to seize control of
EIP in the DNS client. The buffer overflow occurs in the functions
send_dg (send datagram) and send_vc (send TCP) for the NSS module when calling getaddrinfo with AF_UNSPEC family, or in
some cases AF_INET6 family. The use of AF_UNSPEC (or AF_INET6 in some
cases) triggers the low-level resolver code to send out two parallel
queries for A and AAAA. A mismanagement of the buffers used for those
queries could result in the response of a query writing beyond the
alloca allocated buffer created by __res_nquery.

See also :

Solution :

Update the affected packages.

Risk factor :

Critical / CVSS Base Score : 10.0

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 88817 ()

Bugtraq ID:

CVE ID: CVE-2015-7547

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now