Arista Networks EOS libresolv Overflow RCE (SA0017)

Medium Nessus Plugin ID 107059


The version of Arista Networks EOS running on the remote device is affected by a remote code execution vulnerability.


The version of Arista Networks EOS running on the remote device is affected by multiple stack-based buffer overflow conditions in the libresolv resolver library of the GNU C Library (glibc), specifically within the send_dg() (UDP) and send_vc() (TCP) functions, when handling DNS responses that trigger a call to the getaddrinfo() function with the AF_UNSPEC or AF_INET6 address family. In that case the resolver issues A and AAAA queries back to back, and an oversized response (larger than the 2048-byte stack buffer) can be written past the end of that buffer.
An unauthenticated, remote attacker can exploit these issues, via a specially crafted DNS response, to cause a denial of service condition or the execution of arbitrary code. Exploitation requires the device to resolve a name for which the attacker controls or can inject the response (an attacker-controlled domain, a malicious or compromised name server, or on-path tampering), so the exposure is the device's management-plane DNS lookups.


Upgrade to Arista Networks EOS version 4.13.15M / 4.14.12M / 4.15.5M or later. Alternatively, apply the patch or recommended mitigation referenced in the vendor advisory.
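The plugin's decision reduces to comparing the reported EOS version against the fixed release on the same release train. The following Python is an added example, not the Nessus plugin's own NASL code, showing that comparison for the three fixed versions named above. It assumes (as the advisory text does not spell out) that a train older than 4.13 has no fix available and is vulnerable, and that a train newer than 4.15 shipped after the fix and is not vulnerable; the sample inventory at the bottom is constructed for illustration.

```python
import re

# Fixed releases named in the advisory text above.
FIXED_VERSIONS = ["4.13.15M", "4.14.12M", "4.15.5M"]


def parse_eos_version(ver):
    """Split an EOS version string such as '4.15.4.1F' into ([4, 15, 4, 1], 'F').

    Hypothetical parser: it assumes the usual dotted-numeric form with an
    optional trailing release-type letter (M or F); anything else is rejected.
    """
    m = re.fullmatch(r"(\d+(?:\.\d+)*)([A-Za-z]*)", ver.strip())
    if not m:
        raise ValueError(f"unrecognized EOS version: {ver!r}")
    nums = [int(p) for p in m.group(1).split(".")]
    return nums, m.group(2).upper()


def _pad(nums, n):
    # Right-pad with zeros so 4.15.5 and 4.15.5.0 compare as equal.
    return nums + [0] * (n - len(nums))


def is_vulnerable(ver, fixed=FIXED_VERSIONS):
    """Return True if the given EOS version predates the fix on its train."""
    nums, _ = parse_eos_version(ver)
    fixes_by_train = {}
    for f in fixed:
        fnums, _ = parse_eos_version(f)
        fixes_by_train[tuple(fnums[:2])] = fnums  # train = first two components

    train = tuple(nums[:2])
    if train < min(fixes_by_train):
        return True   # assumption: no fixed release exists on older trains
    if train > max(fixes_by_train):
        return False  # assumption: newer trains were cut after the fix
    fix = fixes_by_train.get(train)
    if fix is None:
        return True   # a train inside the range with no listed fix: stay conservative
    n = max(len(nums), len(fix))
    return _pad(nums, n) < _pad(fix, n)


def triage(inventory):
    """Map hostname -> 'VULNERABLE' / 'fixed' for a {host: version} dict."""
    return {host: ("VULNERABLE" if is_vulnerable(v) else "fixed")
            for host, v in inventory.items()}


if __name__ == "__main__":
    # Constructed sample inventory, not real devices.
    sample = {
        "core-sw1": "4.15.4.1F",
        "core-sw2": "4.15.5M",
        "dist-sw1": "4.14.11M",
        "dist-sw2": "4.13.15M",
        "legacy-sw": "4.12.9M",
        "new-sw": "4.16.6M",
    }
    for host, status in triage(sample).items():
        print(f"{host:10s} {sample[host]:10s} {status}")
```

Note that the comparison is per train: 4.14.12M is fixed even though it is numerically lower than the vulnerable 4.15.4F, which is why a single "greater than or equal to" check against one version would misclassify devices.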

Plugin Details

Severity: Medium

ID: 107059

File Name: arista_eos_sa0017.nasl

Version: 1.8

Type: combined

Family: Misc.

Published: 2018/02/28

Updated: 2020/03/13

Dependencies: 107070

Risk Information

Risk Factor: Medium

CVSS Score Source: CVE-2015-7547

CVSS v2.0

Base Score: 6.8

Temporal Score: 5.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:POC/RL:OF/RC:C

CVSS v3.0

Base Score: 8.1

Temporal Score: 7.3

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:arista:eos

Required KB Items: Host/Arista-EOS/Version

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2016/04/08

Vulnerability Publication Date: 2015/07/14

Reference Information

CVE: CVE-2015-7547

BID: 83265

CERT: 457759

EDB-ID: 39454, 40339