Do your applications use this vulnerable package?
Test your applications
Overview
res_query in libresolv in glibc before 2.25 allows remote attackers to cause a denial of service (NULL pointer dereference and process crash).
References
- Debian Security Tracker
- Gentoo Security Advisory
- MISC
- RHSA Security Advisory
- RedHat Bugzilla Bug
- Security Focus
- Ubuntu CVE Tracker
- Ubuntu Security Advisory
- Ubuntu Security Advisory
- https://sourceware.org/bugzilla/attachment.cgi?id=8492
- https://sourceware.org/bugzilla/show_bug.cgi?id=18784
- https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=fc82b0a2dfe7dbd35671c10510a8da1043d746a5
- https://sourceware.org/ml/libc-alpha/2017-02/msg00079.html
CVSS Score
7.5
high severity
-
Attack VectorNetwork
-
Attack ComplexityLow
-
Privileges RequiredNone
-
User InteractionNone
-
ScopeUnchanged
-
ConfidentialityNone
-
IntegrityNone
-
AvailabilityHigh
- CVE
- CVE-2015-5180
- CWE
- CWE-476
- Snyk ID
- SNYK-DEBIAN8-GLIBC-356894
- Disclosed
- 27 Jun, 2017
- Published
- 27 Jun, 2017