Summary
When you run a vulnerability scanner in a secure environment, it may report a stack-based buffer overflow in the glibc getaddrinfo function. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2015-7547 to this issue.
Resolution
With Internet Connection:
- Log in to the ECX appliance as a root user.
- From the CLI, run the following command to update glibc:
yum update glibc
- Follow the on-screen prompts to install the update.
Without Internet Connection:
- From a computer with an internet connection, download the following RPMs from centos.org:
- glibc-2.12-1.166.el6_7.7.x86_64.rpm
- glibc-common-2.12-1.166.el6_7.7.x86_64.rpm
- Copy the two RPMs to the ECX appliance's "/" location via SCP.
- Log in to the ECX appliance as a root user.
- Navigate to "/" with the cd command, then execute the following command:
rpm -Ui glibc-common-2.12-1.166.el6_7.7.x86_64.rpm glibc-2.12-1.166.el6_7.7.x86_64.rpm
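One way to confirm the result after either procedure, as an added example that is not part of the original article or the vendor's tooling: the script compares the installed glibc and glibc-common version-release against 2.12-1.166.el6_7.7, the build named in the RPM file names above. The function names and the use of GNU sort -V as a stand-in for rpm's own version comparison are assumptions of this example.

```shell
#!/bin/sh
# Added example: verify the glibc build after following the steps above.
# FIXED is the version-release taken from the RPM file names on this page.
FIXED="2.12-1.166.el6_7.7"

# glibc_status VERSION-RELEASE
# Prints "patched", "vulnerable" or "unknown". "unknown" means the string is
# not a 2.12 el6 build, so the threshold above does not apply to it.
# Ordering uses `sort -V`, an approximation of rpm's version comparison
# that is adequate for el6 release strings.
glibc_status() {
    gs_installed=$1
    case "$gs_installed" in
        2.12-*.el6*) ;;                      # CentOS/RHEL 6 glibc build
        *) echo "unknown"; return 0 ;;
    esac
    gs_lowest=$(printf '%s\n%s\n' "$gs_installed" "$FIXED" | sort -V | head -n 1)
    if [ "$gs_installed" = "$FIXED" ] || [ "$gs_lowest" = "$FIXED" ]; then
        echo "patched"                       # installed >= fixed build
    else
        echo "vulnerable"                    # installed sorts below fixed build
    fi
}

# check_appliance: query the RPM database for both packages (one line per
# installed architecture) and report each. Returns non-zero if any entry is
# not "patched", including a package that is not installed.
check_appliance() {
    ca_rc=0
    for ca_pkg in glibc glibc-common; do
        for ca_vr in $(rpm -q --qf '%{VERSION}-%{RELEASE}\n' "$ca_pkg"); do
            ca_status=$(glibc_status "$ca_vr")
            echo "$ca_pkg $ca_vr: $ca_status"
            [ "$ca_status" = "patched" ] || ca_rc=1
        done
    done
    return "$ca_rc"
}

# Run the live check only when asked, e.g.:  sh check_glibc.sh --check
if [ "${1:-}" = "--check" ]; then
    check_appliance
fi
```

A "patched" result describes the package on disk; processes started before the update keep the old library loaded until they are restarted.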