Glibc is the standard C library that ships with most versions of Linux. It includes many functions that handle the common tasks programs might need, such as looking up IP addresses associated with domain names.
Vulnerability Note VU#457759
glibc vulnerable to stack buffer overflow in DNS resolver
Original Release date: 17 Feb 2016 | Last revised: 18 Feb 2016

Overview
GNU glibc contains a buffer overflow vulnerability in the DNS resolver, which may allow a remote attacker to execute arbitrary code.

Description
CWE-121: Stack-based Buffer Overflow – CVE-2015-7547
According to a Google security blog post: “The glibc DNS client side resolver is vulnerable to a stack-based buffer overflow when the getaddrinfo() library function is used. Software using this function may be exploited with attacker-controlled domain names, attacker-controlled DNS servers, or through a man-in-the-middle attack.” According to glibc developers, the vulnerable code was initially added in May 2008 as part of the development for glibc 2.9.

VU#967332: GNU C Library (glibc) __nss_hostname_digits_dots() function vulnerable to buffer overflow
Vulnerability Note VU#967332
GNU C Library (glibc) __nss_hostname_digits_dots() function vulnerable to buffer overflow
Original Release date: 28 Jan 2015 | Last revised: 28 Jan 2015

Overview
The __nss_hostname_digits_dots() function of the GNU C Library (glibc) allows a buffer overflow condition in which arbitrary code may be executed. This vulnerability has been assigned CVE-2015-0235, and is referred to in the media by the name “GHOST”.

Description
According to Qualys, the vulnerability is “a buffer overflow in the __nss_hostname_digits_dots() function of the GNU C Library (glibc).