中危 GNU glibc 'getaddrinfo()'栈缓冲区溢出漏洞

CVE编号

CVE-2015-7547

利用情况

POC 已公开

补丁情况

官方补丁

披露时间

2016-02-19
漏洞描述
glibc是GNU发布的libc库,即c运行库。
GNU glibc 2.23之前的版本都可能受到影响,该漏洞允许远程攻击者发起拒绝服务攻击或执行任意代码。
解决建议
厂商已发布了漏洞修复程序,请及时关注更新(或目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载):
https://sourceware.org/bugzilla/show_bug.cgi?id=18665
参考链接
http://fortiguard.com/advisory/glibc-getaddrinfo-stack-overflow
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177404.html
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177412.html
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00037.html
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00038.html
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00039.html
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00042.html
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00043.html
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00044.html
http://marc.info/?l=bugtraq&m=145596041017029&w=2
http://marc.info/?l=bugtraq&m=145672440608228&w=2
http://marc.info/?l=bugtraq&m=145690841819314&w=2
http://marc.info/?l=bugtraq&m=145857691004892&w=2
http://marc.info/?l=bugtraq&m=146161017210491&w=2
http://packetstormsecurity.com/files/135802/glibc-getaddrinfo-Stack-Based-Buf...
http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credential...
http://packetstormsecurity.com/files/164014/Moxa-Command-Injection-Cross-Site...
http://packetstormsecurity.com/files/167552/Nexans-FTTO-GigaSwitch-Outdated-C...
http://rhn.redhat.com/errata/RHSA-2016-0175.html
http://rhn.redhat.com/errata/RHSA-2016-0176.html
http://rhn.redhat.com/errata/RHSA-2016-0225.html
http://rhn.redhat.com/errata/RHSA-2016-0277.html
http://seclists.org/fulldisclosure/2019/Sep/7
http://seclists.org/fulldisclosure/2021/Sep/0
http://seclists.org/fulldisclosure/2022/Jun/36
http://support.citrix.com/article/CTX206991
http://ubuntu.com/usn/usn-2900-1
http://www.debian.org/security/2016/dsa-3480
http://www.debian.org/security/2016/dsa-3481
http://www.fortiguard.com/advisory/glibc-getaddrinfo-stack-overflow
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160304-01-glibc-en
http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
http://www.securityfocus.com/bid/83265
http://www.securitytracker.com/id/1035020
http://www.vmware.com/security/advisories/VMSA-2016-0002.html
https://access.redhat.com/articles/2161461
https://blogs.sophos.com/2016/02/24/utm-up2date-9-355-released/
https://blogs.sophos.com/2016/02/29/utm-up2date-9-319-released/
https://bto.bluecoat.com/security-advisory/sa114
https://bugzilla.redhat.com/show_bug.cgi?id=1293532
https://googleonlinesecurity.blogspot.com/2016/02/cve-2015-7547-glibc-getaddr...
https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05028479
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_n...
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_n...
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_n...
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_n...
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_n...
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_n...
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_n...
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_n...
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_n...
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_n...
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_n...
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_n...
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_n...
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_n...
https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Cente...
https://ics-cert.us-cert.gov/advisories/ICSA-16-103-01
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40161
https://kc.mcafee.com/corporate/index?page=content&id=SB10150
https://seclists.org/bugtraq/2019/Sep/7
https://security.gentoo.org/glsa/201602-02
https://security.netapp.com/advisory/ntap-20160217-0002/
https://sourceware.org/bugzilla/show_bug.cgi?id=18665
https://sourceware.org/ml/libc-alpha/2016-02/msg00416.html
https://support.f5.com/kb/en-us/solutions/public/k/47/sol47098834.html
https://support.lenovo.com/us/en/product_security/len_5450
https://www.arista.com/en/support/advisories-notices/security-advisories/1255...
https://www.exploit-db.com/exploits/39454/
https://www.exploit-db.com/exploits/40339/
https://www.kb.cert.org/vuls/id/457759
https://www.tenable.com/security/research/tra-2017-08
受影响软件情况
# 类型 厂商 产品 版本 影响面
1
运行在以下环境
应用 f5 big-ip_access_policy_manager 12.0.0 -
运行在以下环境
应用 f5 big-ip_advanced_firewall_manager 12.0.0 -
运行在以下环境
应用 f5 big-ip_analytics 12.0.0 -
运行在以下环境
应用 f5 big-ip_application_acceleration_manager 12.0.0 -
运行在以下环境
应用 f5 big-ip_application_security_manager 12.0.0 -
运行在以下环境
应用 f5 big-ip_domain_name_system 12.0.0 -
运行在以下环境
应用 f5 big-ip_link_controller 12.0.0 -
运行在以下环境
应用 f5 big-ip_local_traffic_manager 12.0.0 -
运行在以下环境
应用 f5 big-ip_policy_enforcement_manager 12.0.0 -
运行在以下环境
应用 gnu glibc 2.10 -
运行在以下环境
应用 gnu glibc 2.10.1 -
运行在以下环境
应用 gnu glibc 2.11 -
运行在以下环境
应用 gnu glibc 2.11.1 -
运行在以下环境
应用 gnu glibc 2.11.2 -
运行在以下环境
应用 gnu glibc 2.11.3 -
运行在以下环境
应用 gnu glibc 2.12 -
运行在以下环境
应用 gnu glibc 2.12.1 -
运行在以下环境
应用 gnu glibc 2.12.2 -
运行在以下环境
应用 gnu glibc 2.13 -
运行在以下环境
应用 gnu glibc 2.14 -
运行在以下环境
应用 gnu glibc 2.14.1 -
运行在以下环境
应用 gnu glibc 2.15 -
运行在以下环境
应用 gnu glibc 2.16 -
运行在以下环境
应用 gnu glibc 2.17 -
运行在以下环境
应用 gnu glibc 2.18 -
运行在以下环境
应用 gnu glibc 2.19 -
运行在以下环境
应用 gnu glibc 2.20 -
运行在以下环境
应用 gnu glibc 2.21 -
运行在以下环境
应用 gnu glibc 2.22 -
运行在以下环境
应用 gnu glibc 2.9 -
运行在以下环境
应用 hp helion_openstack 1.1.1 -
运行在以下环境
应用 hp helion_openstack 2.0.0 -
运行在以下环境
应用 hp helion_openstack 2.1.0 -
运行在以下环境
应用 hp server_migration_pack 7.5 -
运行在以下环境
应用 oracle exalogic_infrastructure 1.0 -
运行在以下环境
应用 oracle exalogic_infrastructure 2.0 -
运行在以下环境
应用 sophos unified_threat_management_software 9.319 -
运行在以下环境
应用 sophos unified_threat_management_software 9.355 -
运行在以下环境
应用 suse linux_enterprise_debuginfo 11.0 -
运行在以下环境
系统 amazon_AMI glibc * Up to
(excluding)
2.17-106.166.amzn1
运行在以下环境
系统 centos_6 glibc * Up to
(excluding)
2.12-1.166.el6_7.7
运行在以下环境
系统 centos_7 glibc * Up to
(excluding)
2.17-106.el7_2.4
运行在以下环境
系统 debian DPKG * Up to
(excluding)
2.19-18+deb8u3
运行在以下环境
系统 debian_10 glibc * Up to
(excluding)
2.21-8
运行在以下环境
系统 debian_11 glibc * Up to
(excluding)
2.21-8
运行在以下环境
系统 debian_12 glibc * Up to
(excluding)
2.21-8
运行在以下环境
系统 debian_6 eglibc * Up to
(excluding)
2.11.3-4+deb6u11
运行在以下环境
系统 debian_7 eglibc * Up to
(excluding)
2.13-38+deb7u10
运行在以下环境
系统 debian_8 glibc * Up to
(excluding)
2.19-18+deb8u4
运行在以下环境
系统 fedora_22 glibc-devel * Up to
(excluding)
2.21-11.fc22
运行在以下环境
系统 fedora_23 glibc-devel * Up to
(excluding)
2.22-9.fc23
运行在以下环境
系统 opensuse_13.1 glibc-utils-debugsource * Up to
(excluding)
2.18-4.41.2
运行在以下环境
系统 opensuse_13.2 glibc-devel-32bit * Up to
(excluding)
2.19-16.22.2
运行在以下环境
系统 opensuse_Leap_42.1 glibc-devel-static * Up to
(excluding)
2.19-19.1
运行在以下环境
系统 oracle_6 oraclelinux-release * Up to
(excluding)
2.12-1.166.el6_7.7
运行在以下环境
系统 oracle_7 oraclelinux-release * Up to
(excluding)
2.17-106.0.1.el7_2.4
运行在以下环境
系统 redhat_6 glibc * Up to
(excluding)
0:2.12-1.166.el6_7.7
运行在以下环境
系统 redhat_7 glibc * Up to
(excluding)
2.17-106.el7_2.4
运行在以下环境
系统 suse_11_SP3 glibc-devel * Up to
(excluding)
2.11.3-17.95.2
运行在以下环境
系统 suse_11_SP4 glibc-devel * Up to
(excluding)
2.11.3-17.95.2
运行在以下环境
系统 suse_12 glibc * Up to
(excluding)
2.19-22.13.1
运行在以下环境
系统 suse_12_SP1 glibc-devel * Up to
(excluding)
2.19-35.1
运行在以下环境
系统 ubuntu_12.04.5_lts eglibc * Up to
(excluding)
2.15-0ubuntu10.13
运行在以下环境
系统 ubuntu_14.04 eglibc * Up to
(excluding)
2.19-0ubuntu6.7
运行在以下环境
系统 ubuntu_14.04.6_lts eglibc * Up to
(excluding)
2.19-0ubuntu6.7
阿里云评分
5.9
  • 攻击路径
    本地
  • 攻击复杂度
    困难
  • 权限要求
    普通权限
  • 影响范围
    全局影响
  • EXP成熟度
    POC 已公开
  • 补丁情况
    官方补丁
  • 数据保密性
    无影响
  • 数据完整性
    无影响
  • 服务器危害
    服务器失陷
  • 全网数量
    N/A
CWE-ID 漏洞类型
CWE-119 内存缓冲区边界内操作的限制不恰当
阿里云安全产品覆盖情况