[AusNOG] GLIBC vulnerability

Mark Andrews marka at isc.org
Thu Feb 18 11:00:39 EST 2016


In message <72D62A08083E0DBB.BDBBBE01-2602-48AB-9D5C-360AB9161B77 at mail.outlook.
com>, Andrew Yager writes:
>
> Hi,
> It's not brilliant news; but if you aren't on top of CVE vulnerabilities;
> I've just been alerted to
> https://googleonlinesecurity.blogspot.ro/2016/02/cve-2015-7547-glibc-getad
> drinfo-stack.html with the suggestion that it has currently known
> exploits in the wild.
> I'm sure most of us have patching regimes in place to deal with this
> stuff automatically; but it's worth being aware.
> Apparently ensuring DNS packets are properly sized is an effective
> mitigating strategy to this vulnerability (and from my memory of Roland's
> talk at AusNOG last year a whole lot of other DDOS amplification attacks
> as well).
> Have fun!
> Andrew
> Sent from my mobile device

Time to take out your IoT list and ask each of the manufacturers if
the device is vulnerable and if so when a update for the device
will be available.

Linux / glibc is in lots of places.

https://www.kb.cert.org/vuls/id/457759 is where CERT is tracking vendor
statements.  We are in the process of composing ours.

Mark
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka at isc.org


More information about the AusNOG mailing list