F5 Networks BIG-IP : glibc vulnerability (K06493172)
Medium Nessus Plugin ID 119732
SynopsisThe remote device is missing a vendor-supplied security patch.
DescriptionStack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in the GNU C Library (aka glibc or libc6) allows remote attackers to cause a denial of service (crash) via vectors involving hostent conversion. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-4458. (CVE-2016-3706)
SolutionUpgrade to one of the non-vulnerable versions listed in the F5 Solution K06493172.