
Summary



When running a vulnerability scanner in a secure environment, you may discover stack-based buffer overflow issues in the glibc getaddrinfo function. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2015-7547 to this issue.

Resolution



With Internet Connection:

  1. Log in to the ECX appliance as a root user.
  2. From the CLI, run the following command to update glibc:

       yum update glibc

  3. Follow the on-screen prompts to install the update.

Without Internet Connection:

  1. From a computer with an internet connection, download the following RPMs from centos.org:

       glibc-2.12-1.166.el6_7.7.x86_64.rpm
       glibc-common-2.12-1.166.el6_7.7.x86_64.rpm

  2. Copy the two RPMs to the ECX appliance's "/" location via SCP.
  3. Log in to the ECX appliance as a root user.
  4. Navigate to "/" through the cd command, then execute the following command:

       rpm -Ui glibc-common-2.12-1.166.el6_7.7.x86_64.rpm glibc-2.12-1.166.el6_7.7.x86_64.rpm

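
A post-update check for either procedure above, added here as an example and not part of the original article or any vendor tooling: it confirms that both packages are at or above the version named in the offline steps, and lists processes that still map the replaced libc and must be restarted to pick up the fix. It assumes GNU `sort -V` as a stand-in for RPM's version ordering; the function names are illustrative.

```shell
#!/bin/sh
# Added example: post-update verification for the CVE-2015-7547 glibc fix.
# FIXED is the version-release of the RPMs named in the procedure above.
FIXED="2.12-1.166.el6_7.7"

# Return 0 if version-release $1 is >= $2.
# Assumption: GNU `sort -V` ordering stands in for RPM's own comparison;
# the two agree for the plain numeric el6 strings involved here.
vr_at_least() {
    [ "$1" = "$2" ] && return 0
    lowest=$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)
    [ "$lowest" = "$2" ]
}

# Return 0 if a /proc/<pid>/maps-style file shows a libc mapping whose backing
# file was replaced on disk, i.e. the process still runs the pre-update library.
maps_has_stale_libc() {
    grep -Eq '/libc-[^ /]*\.so[^ ]* \(deleted\)' "$1"
}

# Report the installed glibc packages and any processes needing a restart.
check_appliance() {
    status=0
    for pkg in glibc glibc-common; do
        vr=$(rpm -q --qf '%{VERSION}-%{RELEASE}\n' "$pkg" | head -n 1)
        if vr_at_least "$vr" "$FIXED"; then
            echo "OK    $pkg $vr"
        else
            echo "VULN  $pkg $vr (need >= $FIXED)"; status=1
        fi
    done
    for maps in /proc/[0-9]*/maps; do
        if maps_has_stale_libc "$maps" 2>/dev/null; then
            pid=${maps#/proc/}; pid=${pid%/maps}
            echo "STALE pid $pid ($(ps -o comm= -p "$pid")) still maps the old libc"
            status=1
        fi
    done
    return $status
}

# Run the live check only when invoked with "--check" on the appliance.
if [ "${1:-}" = "--check" ]; then check_appliance; fi
```

Run it as root with `--check` after the update; any STALE line means that service (or the appliance) needs a restart before the fix is in effect.
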
Related Products: ECX