Amazon Linux AMI : glibc (ALAS-2017-792)
Medium Nessus Plugin ID 97022
SynopsisThe remote Amazon Linux AMI host is missing a security update.
DescriptionA stack overflow vulnerability was found in _nss_dns_getnetbyname_r.
On systems with nsswitch configured to include 'networks: dns' with a privileged or network-facing service that would attempt to resolve user-provided network names, an attacker could provide an excessively long network name, resulting in stack corruption and code execution.
SolutionRun 'yum update glibc' to update your system.