
2/22/2016

Security Warning: Remote Exploitation - A New Linux/Unix Vulnerability May Allow a Hacker to Take Control

A new GNU glibc vulnerability was announced on 02/17/2016.

The vulnerability, identified as CVE-2015-7547, is similar to Heartbleed and Shellshock in terms of the scope of affected systems, but is not as serious, as it is significantly more difficult to exploit. Successful exploitation of the vulnerability relies on the potential victim communicating with a hostile/malicious DNS server or being subject to a man-in-the-middle attack. Nevertheless, the vulnerability is considered to be critical by the industry since it can lead to remote exploitation of the client system.

Vulnerability explained:
The glibc client-side DNS resolver is vulnerable to a stack-based buffer overflow when the getaddrinfo() library function is used. Software using this function may be exploited with attacker-controlled domain names, attacker-controlled DNS servers, or through a man-in-the-middle attack.

According to glibc developers, the vulnerable code was initially added in May 2008, as part of the development for glibc 2.9. All versions from 2.9 (originally released November 2008) to 2.22 appear to be affected.

Solution:
A patch for glibc is available. Affected users should apply the patch as soon as possible. The patch will also be included as part of the upcoming glibc 2.23 release.
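To triage which hosts fall in the affected 2.9 to 2.22 range, the following added example (not code from glibc or from this bulletin) reads the running library's version with gnu_get_libc_version() and compares it numerically, so that 2.10 is correctly treated as newer than 2.9. The helper names are illustrative; distributions commonly backport fixes without changing the upstream version number, so a match means the vendor advisory for the installed package still has to be checked.

```c
/* Added example: triage helper for CVE-2015-7547, not glibc project code. */
#include <stdio.h>
#include <stdlib.h>
#include <errno.h>
#ifdef __GLIBC__
#include <gnu/libc-version.h>   /* gnu_get_libc_version() */
#endif

/* Parse "MAJOR.MINOR" with any suffix (".90", "-18", ...) tolerated.
 * Returns 0 on success, -1 on malformed input. */
static int parse_version(const char *s, long *major, long *minor)
{
    char *end;
    if (s == NULL || *s < '0' || *s > '9') return -1;
    errno = 0;
    *major = strtol(s, &end, 10);
    if (errno || *end != '.' || end[1] < '0' || end[1] > '9') return -1;
    *minor = strtol(end + 1, &end, 10);
    return errno ? -1 : 0;
}

/* 1 = upstream version within 2.9..2.22 (range stated in the bulletin),
 * 0 = outside that range, -1 = version string could not be parsed. */
int glibc_in_affected_range(const char *version)
{
    long major, minor;
    if (parse_version(version, &major, &minor) != 0) return -1;
    return major == 2 && minor >= 9 && minor <= 22;
}

int main(void)
{
#ifdef __GLIBC__
    const char *v = gnu_get_libc_version();
    int r = glibc_in_affected_range(v);
    printf("glibc %s: %s\n", v,
           r == 1 ? "in range 2.9-2.22; confirm the vendor patch is installed"
         : r == 0 ? "outside the affected range"
                  : "unrecognized version string");
    return r == 1;   /* non-zero exit flags the host for follow-up */
#else
    puts("not built against glibc; the 2.9-2.22 range check does not apply");
    return 0;
#endif
}
```

After the patched package is installed, long-running processes keep the old library mapped until they are restarted, and statically linked binaries need to be rebuilt.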

If you feel that you need assistance from the Digital Edge Security team, please contact Danielle Saladis at dsaladis@DIGITALEDGE.NET.

Digital Edge is committed to providing the highest levels of security within all the IT infrastructure environments under its care. In order to achieve this utmost goal for all of our clients, we continuously maintain vigilance both on the productive side of IT as well as on its destructive side. We thus send out news and security bulletins such as this one from time to time to ensure that our clients are informed and educated on any important developments in IT security and are fully aware of what we are doing to ensure that we and our clients are always at the Cutting and at the Digital Edge of technology.

Michael Petrov
Founder, Chief Executive Officer

Michael brings 30 years of experience as an information architect, optimization specialist and operations advisor. His experience includes extensive high-profile project expertise, such as mainframe and client server integration for Mellon Bank, extranet systems for Sumitomo Bank, and architecture and processing workflow for the alternative investment division of US Bank. Michael possesses advanced knowledge of security standards such as ISO 27001, NIST, SOC and PCI that he brings into any solutions delivered by Digital Edge. Security solutions and standards are expanded into public cloud such as AWS and Azure.
