RHEL 5 / 6 / 7 : glibc (CVE-2014-9402)

This script is Copyright (C) 2016 Tenable Network Security, Inc.


Synopsis :

The remote Red Hat host is potentially affected by a denial of service
vulnerability.

Description :

The remote Red Hat Enterprise Linux host has a version of glibc
installed that is similar in patching level to version 2.21 of the
official glibc library. It is, therefore, potentially affected by a
denial of service vulnerability due to improper handling of alias
names supplied to the getnetbyname() function. A remote attacker can
exploit this to cause an infinite loop by sending a positive answer to
the host while a network name is being processed.

Note that Red Hat has no plans to release a patch since the host will
only be affected by the vulnerability if it is running a 'networks:
file dns' non-standard configuration in /etc/nsswitch.conf, and the
host is targeted by a separate DNS spoofing attack.
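The precondition above is a local configuration, so it can be audited. The POSIX sh check below is an added example, not Tenable's plugin code: it reads an nsswitch.conf file (path given as a parameter so a constructed sample can be tested), extracts the service list of the "networks" database while ignoring comments and bracketed action specifiers, and reports whether "dns" is among the services. Whether the host is also exposed to DNS spoofing is an environmental question the script does not answer.

```shell
#!/bin/sh
# Added audit helper for CVE-2014-9402 (not part of the Nessus plugin).
# Vulnerable configuration per the advisory: "networks:" in nsswitch.conf
# includes the "dns" service (the default on RHEL is "files" only).

# Print the service list of the "networks" database from the given file.
# Strips "#" comments, matches the database name case-sensitively, and
# drops action specifiers such as "[NOTFOUND=return]" before normalising
# whitespace, e.g. "networks: files [NOTFOUND=return] dns" -> "files dns".
networks_services() {
    sed -e 's/#.*$//' "$1" \
    | awk -F: '$1 ~ /^[ \t]*networks[ \t]*$/ { print $2 }' \
    | sed -e 's/\[[^]]*\]//g' \
    | tr -s ' \t' ' ' \
    | sed -e 's/^ //; s/ $//'
}

# Return 0 when "dns" is one of the networks services (the non-standard,
# exposed configuration), 1 otherwise.
networks_uses_dns() {
    for svc in $(networks_services "$1"); do
        [ "$svc" = "dns" ] && return 0
    done
    return 1
}

# Write a constructed sample nsswitch.conf (not a real host's file) to $1,
# using the non-standard networks line the advisory describes.
make_sample() {
    cat > "$1" <<'EOF'
# /etc/nsswitch.conf (constructed sample)
passwd:     files
hosts:      files dns
networks:   files [NOTFOUND=return] dns   # non-standard
EOF
}

# Stand-alone usage: audit the live file and print a verdict.
if [ "${AUDIT_NSSWITCH:-}" = "1" ]; then
    if networks_uses_dns /etc/nsswitch.conf; then
        echo "networks lookups use dns: CVE-2014-9402 precondition present"
    else
        echo "networks lookups do not use dns: precondition absent"
    fi
fi
```

Run with AUDIT_NSSWITCH=1 to check the live /etc/nsswitch.conf; the functions can also be sourced and pointed at any file.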

See also :

https://www.redhat.com/security/data/cve/CVE-2014-9402.html

Solution :

No patch from Red Hat is currently available. However, users are
advised to check their settings, and upgrade to a glibc package
released after February 2, 2015.

Risk factor :

Low / CVSS Base Score : 1.2
(CVSS2#AV:L/AC:H/Au:N/C:N/I:N/A:P)
CVSS Temporal Score : 0.9
(CVSS2#E:POC/RL:OF/RC:ND)
Public Exploit Available : true

Family: Red Hat Local Security Checks

Nessus Plugin ID: 88862

Bugtraq ID: 71670

CVE ID: CVE-2014-9402
