24 Feb

Google and Red Hat Discover Massive DNS Security Flaw

Both Google and Red Hat have confirmed the existence of a security flaw (CVE ID: CVE-2015-7547) in GNU software project glibc that allows the execution of arbitrary code via a specially crafted DNS response. The flaw is a stack-based buffer overflow in the send_dg and the send_vc procedures of the libresolv segement of glibc and has existed since version 2.9. The way an attack would work is this: The attacker would prompt the target machine to look up a specially crafted domain, which would prompt a DNS server to reply with a result that exceeds the maximum acceptable length and thus cause a buffer overflow on the target machine. This, in turn, could allow an attacker to execute arbitrary code.

The good news, however, is that they have developed a patch for this issue. I strongly urge all system administrators to apply this patch if they have not done so already. The severity level of this issue is critical.

Share this

Leave a reply

Time limit is exhausted. Please reload CAPTCHA.