OracleVM 3.3 : glibc (OVMSA-2016-0013) (GHOST)

high Nessus Plugin ID 88783


The remote OracleVM host is missing one or more security updates.


The remote OracleVM system is missing necessary patches to address critical security updates:

- Update fix for CVE-2015-7547 (#1296028).

- Create helper threads with enough stack for POSIX AIO and timers (#1301625).

- Fix CVE-2015-7547: getaddrinfo stack-based buffer overflow (#1296028).

- Support loading more libraries with static TLS (#1291270).

- Check for NULL arena pointer in _int_pvalloc (#1256890).

- Don't change no_dyn_threshold on mallopt failure (#1256891).

- Unlock main arena after allocation in calloc (#1256812).

- Enable robust malloc change again (#1256812).

- Fix perturbing in malloc on free and simply perturb_byte (#1256812).

- Don't fall back to mmap prematurely (#1256812).

- The malloc deadlock avoidance support has been temporarily removed since it triggers deadlocks in certain applications (#1244002).

- Fix ruserok check to reject, not skip, negative user checks (#1217186).

- Optimize ruserok function for large ~/.rhosts (#1217186).

- Fix crash in valloc due to the backtrace deadlock fix (#1207236).

- Fix buffer overflow in gethostbyname_r with misaligned buffer (#1209376, CVE-2015-1781).

- Avoid deadlock in malloc on backtrace (#1066724).

- Support running applications that use Intel AVX-512 (#1195453).

- Silence logging of record type mismatch for DNSSEC records (#1088301).

- Shrink heap on free when vm.overcommit_memory == 2 (#867679).

- Enhance nscd to detect any configuration file changes (#859965).

- Fix __times handling of EFAULT when buf is NULL (#1124204).

- Fix memory leak with dlopen and thread-local storage variables (#978098).

- Prevent getaddrinfo from writing DNS queries to random fd (CVE-2013-7423,

- Implement userspace half of in6.h header coordination (#1053178).

- Correctly size relocation cache used by profiler (#1144132).

- Fix reuse of cached stack leading to bounds overrun of DTV (#1116050).

- Return failure in getnetgrent only when all netgroups have been searched (#1085312).

- Fix valgrind warning in nscd_stats (#1091915).

- Initialize xports array (#1159167).

- Fix tst-default-attr test to not fail on powerpc (#1023306).

- Fix parsing of numeric hosts in gethostbyname_r (CVE-2015-0235, #1183534).

- Fix typo in nscd/selinux.c (#1125307).

- Actually run test-iconv modules (#1176907).

- Fix recursive dlopen (#1154563).

- Fix crashes on invalid input in IBM gconv modules (CVE-2014-6040, #1172044).

- Fix wordexp to honour WRDE_NOCMD (CVE-2014-7817, #1171296).

- Fix typo in res_send and res_query (#rh1138769).


Update the affected glibc / glibc-common / nscd packages.

Plugin Details

Severity: High

ID: 88783

File Name: oraclevm_OVMSA-2016-0013.nasl

Version: 2.25

Type: local

Published: 2/17/2016

Updated: 1/4/2021

Dependencies: ssh_get_info.nasl

Risk Information


Risk Factor: Critical

Score: 9.8


CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 8.7

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: E:H/RL:OF/RC:C


CVSS v3

Risk Factor: High

Base Score: 8.1

Temporal Score: 7.7

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: E:H/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:oracle:vm:glibc, p-cpe:/a:oracle:vm:glibc-common, p-cpe:/a:oracle:vm:nscd, cpe:/o:oracle:vm_server:3.3

Required KB Items: Host/local_checks_enabled, Host/OracleVM/release, Host/OracleVM/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2/16/2016

Vulnerability Publication Date: 11/24/2014

Exploitable With

Core Impact

Metasploit (Exim GHOST (glibc gethostbyname) Buffer Overflow)

Reference Information

CVE: CVE-2013-7423, CVE-2014-6040, CVE-2014-7817, CVE-2015-0235, CVE-2015-1781, CVE-2015-7547

BID: 69472, 71216, 72325, 72844, 74255

TRA: TRA-2017-08

IAVA: 2016-A-0053