[AusNOG] GLIBC vulnerability
Andrew Yager
andrew at rwts.com.au
Thu Feb 18 00:03:23 EST 2016
Hi,
It's not brilliant news; but if you aren't on top of CVE vulnerabilities; I've just been alerted to https://googleonlinesecurity.blogspot.ro/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html with the suggestion that it has currently known exploits in the wild.
I'm sure most of us have patching regimes in place to deal with this stuff automatically; but it's worth being aware.
Apparently ensuring DNS packets are properly sized is an effective mitigating strategy to this vulnerability (and from my memory of Roland's talk at AusNOG last year a whole lot of other DDOS amplification attacks as well).
Have fun!
Andrew
Sent from my mobile device
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20160217/588f4979/attachment.html>
More information about the AusNOG
mailing list