GNU C Library (glibc) vulnerabilities.

Version 1

    Recently there has been a flurry of activity and requests concerning the GNU C Library (glibc) vulnerabilities.  CVE-2015-0237 could allow an attacker to gain control of an affected system by taking advantage of a vulnerability in the gethostbyname function.  CVE-2015-7547 contains a buffer overflow vulnerability in the DNS resolver which could also allow an attacker to take control of an affected system.


    I’ve created a document that outlines the steps I would take in identifying, remediating, and validating the GNU glibc vulnerabilities using BladeLogic Server Automation.


    This document was generated from the following discussion: GNU C Library (glibc) vulnerabilities.