0 Replies Latest reply on Mar 16, 2016 4:19 PM by Chris Crawford

    GNU C Library (glibc) vulnerabilities.

      Recently there has been a flurry of activity and requests concerning the GNU C Library (glibc) vulnerabilities.  CVE-2015-0237 could allow an attacker to gain control of an affected system by taking advantage of a vulnerability in the gethostbyname function.  CVE-2015-7547 contains a buffer overflow vulnerability in the DNS resolver which could also allow an attacker to take control of an affected system.


      I’ve created a document that outlines the steps I would take in identifying, remediating, and validating the GNU glibc vulnerabilities using BladeLogic Server Automation.