F5 Networks BIG-IP : glibc vulnerability (SOL09408132)
Medium Nessus Plugin ID 93030
SynopsisThe remote device is missing a vendor-supplied security patch.
DescriptionInteger overflow in posix/fnmatch.c in the GNU C Library (aka glibc or libc6) 2.13 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a long UTF8 string that is used in an fnmatch call with a crafted pattern argument, a different vulnerability than CVE-2011-1071.
SolutionUpgrade to one of the non-vulnerable versions listed in the F5 Solution SOL09408132.