CVE-2015-7547

8.1

HIGH

Ubuntu GNU C Library Buffer Overflow

Description

Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted DNS response that triggers a call to the getaddrinfo function with the AF_UNSPEC or AF_INET6 address family, related to performing "dual A/AAAA DNS queries" and the libnss_dns.so.2 NSS module.

INFO

Published Date :

Feb. 18, 2016, 9:59 p.m.

Last Modified :

Nov. 21, 2024, 2:36 a.m.

Source :

[email protected]

Remotely Exploitable :

Yes !

Impact Score :

5.9

Exploitability Score :

2.2 Public PoC/Exploit Available at Github

CVE-2015-7547 has a 80 public PoC/Exploit available at Github. Go to the Public Exploits tab to see the list.

Affected Products

The following products are affected by CVE-2015-7547 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID	Vendor	Product
1	F5	big-ip_access_policy_manager
2	F5	big-ip_advanced_firewall_manager
3	F5	big-ip_analytics
4	F5	big-ip_application_acceleration_manager
5	F5	big-ip_application_security_manager
6	F5	big-ip_domain_name_system
7	F5	big-ip_link_controller
8	F5	big-ip_local_traffic_manager
9	F5	big-ip_policy_enforcement_manager
1	Redhat	enterprise_linux_desktop
2	Redhat	enterprise_linux_server
3	Redhat	enterprise_linux_workstation
4	Redhat	enterprise_linux_server_aus
5	Redhat	enterprise_linux_server_eus
6	Redhat	enterprise_linux_hpc_node
7	Redhat	enterprise_linux_hpc_node_eus
1	Suse	linux_enterprise_server
2	Suse	suse_linux_enterprise_server
3	Suse	linux_enterprise_desktop
4	Suse	linux_enterprise_software_development_kit
5	Suse	linux_enterprise_debuginfo
1	Oracle	exalogic_infrastructure
2	Oracle	fujitsu_m10_firmware
1	Hp	helion_openstack
2	Hp	server_migration_pack
1	Canonical	ubuntu_linux
1	Debian	debian_linux
1	Opensuse	opensuse
1	Gnu	glibc
1	Sophos	unified_threat_management_software

: Total Affected Vendor : 10 | Products : 30

References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2015-7547.

URL	Resource
http://fortiguard.com/advisory/glibc-getaddrinfo-stack-overflow
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177404.html
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177412.html
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html	Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00037.html	Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00038.html	Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00039.html	Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00042.html	Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00043.html	Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00044.html	Third Party Advisory
http://marc.info/?l=bugtraq&m=145596041017029&w=2
http://marc.info/?l=bugtraq&m=145672440608228&w=2
http://marc.info/?l=bugtraq&m=145690841819314&w=2
http://marc.info/?l=bugtraq&m=145857691004892&w=2
http://marc.info/?l=bugtraq&m=146161017210491&w=2
http://packetstormsecurity.com/files/135802/glibc-getaddrinfo-Stack-Based-Buffer-Overflow.html
http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html
http://packetstormsecurity.com/files/164014/Moxa-Command-Injection-Cross-Site-Scripting-Vulnerable-Software.html
http://packetstormsecurity.com/files/167552/Nexans-FTTO-GigaSwitch-Outdated-Components-Hardcoded-Backdoor.html
http://rhn.redhat.com/errata/RHSA-2016-0175.html
http://rhn.redhat.com/errata/RHSA-2016-0176.html	Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-0225.html
http://rhn.redhat.com/errata/RHSA-2016-0277.html
http://seclists.org/fulldisclosure/2019/Sep/7
http://seclists.org/fulldisclosure/2021/Sep/0
http://seclists.org/fulldisclosure/2022/Jun/36
http://support.citrix.com/article/CTX206991
http://ubuntu.com/usn/usn-2900-1	Third Party Advisory
http://www.debian.org/security/2016/dsa-3480
http://www.debian.org/security/2016/dsa-3481	Third Party Advisory
http://www.fortiguard.com/advisory/glibc-getaddrinfo-stack-overflow
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160304-01-glibc-en
http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html	Patch Third Party Advisory
http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
http://www.securityfocus.com/bid/83265
http://www.securitytracker.com/id/1035020
http://www.vmware.com/security/advisories/VMSA-2016-0002.html
https://access.redhat.com/articles/2161461	Third Party Advisory
https://blogs.sophos.com/2016/02/24/utm-up2date-9-355-released/	Third Party Advisory
https://blogs.sophos.com/2016/02/29/utm-up2date-9-319-released/	Third Party Advisory
https://bto.bluecoat.com/security-advisory/sa114	Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1293532	Issue Tracking Third Party Advisory
https://googleonlinesecurity.blogspot.com/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html
https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05028479	Third Party Advisory
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04989404	Third Party Advisory
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05008367
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05053211
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05073516
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05098877	Third Party Advisory
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05125672	Third Party Advisory
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05128937	Third Party Advisory
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05130958	Third Party Advisory
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05140858	Third Party Advisory
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05176716
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05212266
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05376917
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722
https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes
https://ics-cert.us-cert.gov/advisories/ICSA-16-103-01
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40161	Third Party Advisory
https://kc.mcafee.com/corporate/index?page=content&id=SB10150	Third Party Advisory
https://seclists.org/bugtraq/2019/Sep/7
https://security.gentoo.org/glsa/201602-02	Third Party Advisory
https://security.netapp.com/advisory/ntap-20160217-0002/
https://sourceware.org/bugzilla/show_bug.cgi?id=18665	Issue Tracking
https://sourceware.org/ml/libc-alpha/2016-02/msg00416.html	Mailing List Vendor Advisory
https://support.f5.com/kb/en-us/solutions/public/k/47/sol47098834.html	Third Party Advisory
https://support.lenovo.com/us/en/product_security/len_5450
https://www.arista.com/en/support/advisories-notices/security-advisories/1255-security-advisory-17
https://www.exploit-db.com/exploits/39454/
https://www.exploit-db.com/exploits/40339/
https://www.kb.cert.org/vuls/id/457759
https://www.tenable.com/security/research/tra-2017-08
http://fortiguard.com/advisory/glibc-getaddrinfo-stack-overflow
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177404.html
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177412.html
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html	Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00037.html	Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00038.html	Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00039.html	Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00042.html	Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00043.html	Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00044.html	Third Party Advisory
http://marc.info/?l=bugtraq&m=145596041017029&w=2
http://marc.info/?l=bugtraq&m=145672440608228&w=2
http://marc.info/?l=bugtraq&m=145690841819314&w=2
http://marc.info/?l=bugtraq&m=145857691004892&w=2
http://marc.info/?l=bugtraq&m=146161017210491&w=2
http://packetstormsecurity.com/files/135802/glibc-getaddrinfo-Stack-Based-Buffer-Overflow.html
http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html
http://packetstormsecurity.com/files/164014/Moxa-Command-Injection-Cross-Site-Scripting-Vulnerable-Software.html
http://packetstormsecurity.com/files/167552/Nexans-FTTO-GigaSwitch-Outdated-Components-Hardcoded-Backdoor.html
http://rhn.redhat.com/errata/RHSA-2016-0175.html
http://rhn.redhat.com/errata/RHSA-2016-0176.html	Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-0225.html
http://rhn.redhat.com/errata/RHSA-2016-0277.html
http://seclists.org/fulldisclosure/2019/Sep/7
http://seclists.org/fulldisclosure/2021/Sep/0
http://seclists.org/fulldisclosure/2022/Jun/36
http://support.citrix.com/article/CTX206991
http://ubuntu.com/usn/usn-2900-1	Third Party Advisory
http://www.debian.org/security/2016/dsa-3480
http://www.debian.org/security/2016/dsa-3481	Third Party Advisory
http://www.fortiguard.com/advisory/glibc-getaddrinfo-stack-overflow
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160304-01-glibc-en
http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html	Patch Third Party Advisory
http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
http://www.securityfocus.com/bid/83265
http://www.securitytracker.com/id/1035020
http://www.vmware.com/security/advisories/VMSA-2016-0002.html
https://access.redhat.com/articles/2161461	Third Party Advisory
https://blogs.sophos.com/2016/02/24/utm-up2date-9-355-released/	Third Party Advisory
https://blogs.sophos.com/2016/02/29/utm-up2date-9-319-released/	Third Party Advisory
https://bto.bluecoat.com/security-advisory/sa114	Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1293532	Issue Tracking Third Party Advisory
https://googleonlinesecurity.blogspot.com/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html
https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05028479	Third Party Advisory
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04989404	Third Party Advisory
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05008367
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05053211
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05073516
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05098877	Third Party Advisory
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05125672	Third Party Advisory
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05128937	Third Party Advisory
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05130958	Third Party Advisory
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05140858	Third Party Advisory
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05176716
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05212266
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05376917
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722
https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes
https://ics-cert.us-cert.gov/advisories/ICSA-16-103-01
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40161	Third Party Advisory
https://kc.mcafee.com/corporate/index?page=content&id=SB10150	Third Party Advisory
https://seclists.org/bugtraq/2019/Sep/7
https://security.gentoo.org/glsa/201602-02	Third Party Advisory
https://security.netapp.com/advisory/ntap-20160217-0002/
https://sourceware.org/bugzilla/show_bug.cgi?id=18665	Issue Tracking
https://sourceware.org/ml/libc-alpha/2016-02/msg00416.html	Mailing List Vendor Advisory
https://support.f5.com/kb/en-us/solutions/public/k/47/sol47098834.html	Third Party Advisory
https://support.lenovo.com/us/en/product_security/len_5450
https://www.arista.com/en/support/advisories-notices/security-advisories/1255-security-advisory-17
https://www.exploit-db.com/exploits/39454/
https://www.exploit-db.com/exploits/40339/
https://www.kb.cert.org/vuls/id/457759
https://www.tenable.com/security/research/tra-2017-08

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

a-roshbaik/Linux-Privilege-Escalation-Exploits

None

C Shell Python Assembly Ruby Makefile Meson

Updated: 7 months ago

0 stars 0 fork 0 watcher

Born at : July 20, 2024, 8:34 p.m. This repo has been linked 91 different CVEs too.

hktalent/bug-bounty

bounty collection

Shell Python Dockerfile Ruby JavaScript ASP.NET Classic ASP HTML PHP Jupyter Notebook

Updated: 1 month, 1 week ago

31 stars 5 fork 5 watcher

Born at : Sept. 11, 2023, 11:19 a.m. This repo has been linked 234 different CVEs too.

alian87/linux-kernel-exploits

None

C Shell Python Ruby Makefile HTML

Updated: 1 year, 8 months ago

0 stars 0 fork 0 watcher

Born at : June 14, 2023, 7:23 p.m. This repo has been linked 50 different CVEs too.

JlSakuya/Linux-Privilege-Escalation-Exploits

Linux privilege escalation exploits collection.

C Shell Python Assembly Ruby Makefile Meson

Updated: 3 weeks, 3 days ago

113 stars 15 fork 15 watcher

Born at : April 26, 2023, 2:58 p.m. This repo has been linked 91 different CVEs too.

albinjoshy03/linux-kernel-exploits

None

C Shell Python Ruby Makefile HTML

Updated: 1 year, 9 months ago

1 stars 0 fork 0 watcher

Born at : April 26, 2023, 7:11 a.m. This repo has been linked 50 different CVEs too.

CVEDB/awesome-cve-repo

None

Shell

Updated: 2 weeks, 4 days ago

4 stars 2 fork 2 watcher

Born at : March 23, 2023, 4:32 a.m. This repo has been linked 265 different CVEs too.

CVEDB/top

None

Shell

Updated: 2 weeks, 4 days ago

1 stars 0 fork 0 watcher

Born at : March 19, 2023, 1:53 a.m. This repo has been linked 265 different CVEs too.

20142995/sectool

个人向的工具导航，Ctrl + F

Python

Updated: 2 weeks, 3 days ago

207 stars 33 fork 33 watcher

Born at : Nov. 23, 2022, 9:53 a.m. This repo has been linked 50 different CVEs too.

weeka10/-hktalent-TOP

None

Shell

Updated: 1 year, 11 months ago

2 stars 0 fork 0 watcher

Born at : Nov. 16, 2022, 9:38 a.m. This repo has been linked 256 different CVEs too.

cyberanand1337x/bug-bounty-2022

None

Updated: 2 years, 1 month ago

0 stars 0 fork 0 watcher

Born at : Sept. 30, 2022, 6:29 p.m. This repo has been linked 253 different CVEs too.

jbmihoub/all-poc

None

Shell

Updated: 6 months, 2 weeks ago

1 stars 2 fork 2 watcher

Born at : Aug. 25, 2022, 12:16 a.m. This repo has been linked 250 different CVEs too.

hantiger/-

None

Updated: 2 years, 7 months ago

0 stars 0 fork 0 watcher

Born at : July 15, 2022, 6:49 a.m. This repo has been linked 3 different CVEs too.

ZTK-009/linux-kernel-exploits

None

C Shell Python Ruby Makefile HTML

Updated: 2 years, 10 months ago

0 stars 0 fork 0 watcher

Born at : April 3, 2022, 1:47 p.m. This repo has been linked 49 different CVEs too.

birdhan/SecurityTools

渗透测试工具包 | 开源安全测试工具 | 网络安全工具

exploit cve poc

Updated: 3 weeks ago

240 stars 39 fork 39 watcher

Born at : March 7, 2022, 7:52 a.m. This repo has been linked 3 different CVEs too.

fei9747/LinuxEelvation

None

C Shell Python Ruby Makefile HTML

Updated: 3 years, 4 months ago

0 stars 0 fork 0 watcher

Born at : Oct. 21, 2021, 9:46 a.m. This repo has been linked 56 different CVEs too.

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2015-7547 vulnerability anywhere in the article.

The following table lists the changes that have been made to the CVE-2015-7547 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

CVE Modified by af854a3a-2127-422b-91ae-364da2661108

Nov. 21, 2024

Action	Type	New Value
Added	Reference	http://fortiguard.com/advisory/glibc-getaddrinfo-stack-overflow
Added	Reference	http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177404.html
Added	Reference	http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177412.html
Added	Reference	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html
Added	Reference	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00037.html
Added	Reference	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00038.html
Added	Reference	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00039.html
Added	Reference	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00042.html
Added	Reference	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00043.html
Added	Reference	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00044.html
Added	Reference	http://marc.info/?l=bugtraq&m=145596041017029&w=2
Added	Reference	http://marc.info/?l=bugtraq&m=145672440608228&w=2
Added	Reference	http://marc.info/?l=bugtraq&m=145690841819314&w=2
Added	Reference	http://marc.info/?l=bugtraq&m=145857691004892&w=2
Added	Reference	http://marc.info/?l=bugtraq&m=146161017210491&w=2
Added	Reference	http://packetstormsecurity.com/files/135802/glibc-getaddrinfo-Stack-Based-Buffer-Overflow.html
Added	Reference	http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html
Added	Reference	http://packetstormsecurity.com/files/164014/Moxa-Command-Injection-Cross-Site-Scripting-Vulnerable-Software.html
Added	Reference	http://packetstormsecurity.com/files/167552/Nexans-FTTO-GigaSwitch-Outdated-Components-Hardcoded-Backdoor.html
Added	Reference	http://rhn.redhat.com/errata/RHSA-2016-0175.html
Added	Reference	http://rhn.redhat.com/errata/RHSA-2016-0176.html
Added	Reference	http://rhn.redhat.com/errata/RHSA-2016-0225.html
Added	Reference	http://rhn.redhat.com/errata/RHSA-2016-0277.html
Added	Reference	http://seclists.org/fulldisclosure/2019/Sep/7
Added	Reference	http://seclists.org/fulldisclosure/2021/Sep/0
Added	Reference	http://seclists.org/fulldisclosure/2022/Jun/36
Added	Reference	http://support.citrix.com/article/CTX206991
Added	Reference	http://ubuntu.com/usn/usn-2900-1
Added	Reference	http://www.debian.org/security/2016/dsa-3480
Added	Reference	http://www.debian.org/security/2016/dsa-3481
Added	Reference	http://www.fortiguard.com/advisory/glibc-getaddrinfo-stack-overflow
Added	Reference	http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160304-01-glibc-en
Added	Reference	http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
Added	Reference	http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
Added	Reference	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
Added	Reference	http://www.securityfocus.com/bid/83265
Added	Reference	http://www.securitytracker.com/id/1035020
Added	Reference	http://www.vmware.com/security/advisories/VMSA-2016-0002.html
Added	Reference	https://access.redhat.com/articles/2161461
Added	Reference	https://blogs.sophos.com/2016/02/24/utm-up2date-9-355-released/
Added	Reference	https://blogs.sophos.com/2016/02/29/utm-up2date-9-319-released/
Added	Reference	https://bto.bluecoat.com/security-advisory/sa114
Added	Reference	https://bugzilla.redhat.com/show_bug.cgi?id=1293532
Added	Reference	https://googleonlinesecurity.blogspot.com/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html
Added	Reference	https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05028479
Added	Reference	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04989404
Added	Reference	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05008367
Added	Reference	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05053211
Added	Reference	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05073516
Added	Reference	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05098877
Added	Reference	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05125672
Added	Reference	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05128937
Added	Reference	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05130958
Added	Reference	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05140858
Added	Reference	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380
Added	Reference	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05176716
Added	Reference	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05212266
Added	Reference	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05376917
Added	Reference	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722
Added	Reference	https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes
Added	Reference	https://ics-cert.us-cert.gov/advisories/ICSA-16-103-01
Added	Reference	https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40161
Added	Reference	https://kc.mcafee.com/corporate/index?page=content&id=SB10150
Added	Reference	https://seclists.org/bugtraq/2019/Sep/7
Added	Reference	https://security.gentoo.org/glsa/201602-02
Added	Reference	https://security.netapp.com/advisory/ntap-20160217-0002/
Added	Reference	https://sourceware.org/bugzilla/show_bug.cgi?id=18665
Added	Reference	https://sourceware.org/ml/libc-alpha/2016-02/msg00416.html
Added	Reference	https://support.f5.com/kb/en-us/solutions/public/k/47/sol47098834.html
Added	Reference	https://support.lenovo.com/us/en/product_security/len_5450
Added	Reference	https://www.arista.com/en/support/advisories-notices/security-advisories/1255-security-advisory-17
Added	Reference	https://www.exploit-db.com/exploits/39454/
Added	Reference	https://www.exploit-db.com/exploits/40339/
Added	Reference	https://www.kb.cert.org/vuls/id/457759
Added	Reference	https://www.tenable.com/security/research/tra-2017-08

Action	Type	Old Value	New Value
Changed	Description	A stack-based buffer overflow was found in the way the libresolv library performed dual A/AAAA DNS queries. A remote attacker could create a specially crafted DNS response which could cause libresolv to crash or, potentially, execute code with the permissions of the user running the library. Note: this issue is only exposed when libresolv is called from the nss_dns NSS service module.	Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted DNS response that triggers a call to the getaddrinfo function with the AF_UNSPEC or AF_INET6 address family, related to performing "dual A/AAAA DNS queries" and the libnss_dns.so.2 NSS module.
Removed	CVSS V2	Red Hat, Inc. (AV:N/AC:M/Au:N/C:P/I:P/A:P)
Removed	Reference	https://access.redhat.com/errata/RHSA-2016:0175 [No Types Assigned]
Removed	Reference	https://access.redhat.com/errata/RHSA-2016:0176 [No Types Assigned]
Removed	Reference	https://access.redhat.com/errata/RHSA-2016:0225 [No Types Assigned]
Removed	Reference	https://access.redhat.com/errata/RHSA-2016:0277 [No Types Assigned]
Removed	Reference	https://access.redhat.com/security/cve/CVE-2015-7547 [No Types Assigned]

Action	Type	Old Value
Removed	Reference	https://h20565.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05125672 [No Types Assigned]
Removed	Reference	https://h20565.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05140858 [No Types Assigned]
Removed	Reference	https://h20565.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05073516 [No Types Assigned]
Removed	Reference	https://h20565.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05098877 [No Types Assigned]
Removed	Reference	https://h20565.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04989404 [No Types Assigned]
Removed	Reference	https://h20565.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05128937 [No Types Assigned]

Action	Type	Old Value	New Value
Changed	CPE Configuration	Configuration 1 OR cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.0.0::::::: cpe:2.3:a:f5:big-ip_local_traffic_manager:12.0.0::::::: cpe:2.3:a:f5:big-ip_link_controller:12.0.0::::::: cpe:2.3:a:f5:big-ip_domain_name_system:12.0.0::::::: cpe:2.3:a:f5:big-ip_application_security_manager:12.0.0::::::: cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.0.0::::::: cpe:2.3:a:f5:big-ip_analytics:12.0.0::::::: cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.0.0::::::: cpe:2.3:a:f5:big-ip_access_policy_manager:12.0.0::::::: Configuration 2 OR cpe:2.3:a:hp:helion_openstack:2.1.0::::::: cpe:2.3:a:hp:helion_openstack:2.0.0::::::: cpe:2.3:a:hp:helion_openstack:1.1.1::::::: cpe:2.3:a:hp:server_migration_pack:7.5::::::: Configuration 3 OR cpe:2.3:a:suse:linux_enterprise_debuginfo:11.0:sp3::::::* cpe:2.3:a:suse:linux_enterprise_debuginfo:11.0:sp4::::::* cpe:2.3:o:suse:linux_enterprise_desktop:11.0:sp3::::::* cpe:2.3:o:suse:linux_enterprise_desktop:11.0:sp4::::::* cpe:2.3:o:suse:linux_enterprise_server:11.0:sp3::::::* cpe:2.3:o:suse:linux_enterprise_server:11.0:sp4::::::* cpe:2.3:o:suse:linux_enterprise_server:11.0:sp3::::vmware:: cpe:2.3:o:suse:linux_enterprise_software_development_kit:11.0:sp3::::::* cpe:2.3:o:suse:linux_enterprise_software_development_kit:11.0:sp4::::::* cpe:2.3:o:novell:opensuse:13.2::::::: cpe:2.3:o:suse:linux_enterprise_software_development_kit:12::::::: cpe:2.3:o:suse:linux_enterprise_server:12::::::: cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1::::::* cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp1::::::* cpe:2.3:o:suse:linux_enterprise_server:12:sp1::::::* cpe:2.3:o:suse:linux_enterprise_desktop:12::::::: cpe:2.3:a:suse:linux_enterprise_debuginfo:11.0:sp2::::::* cpe:2.3:o:suse:linux_enterprise_server:11.0:sp2:::lts::: Configuration 4 OR cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2::::::: cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2::::::: cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.2::::::: cpe:2.3:o:redhat:enterprise_linux_workstation:7.0::::::: cpe:2.3:o:redhat:enterprise_linux_server:7.0::::::: cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0::::::: cpe:2.3:o:redhat:enterprise_linux_desktop:7.0::::::: Configuration 5 OR cpe:2.3:o:debian:debian_linux:8.0::::::: Configuration 6 OR cpe:2.3:a:sophos:unified_threat_management_software:9.355::::::: cpe:2.3:a:sophos:unified_threat_management_software:9.319::::::: Configuration 7 OR cpe:2.3:a:gnu:glibc:2.22::::::: cpe:2.3:a:gnu:glibc:2.21::::::: cpe:2.3:a:gnu:glibc:2.20::::::: cpe:2.3:a:gnu:glibc:2.19::::::: cpe:2.3:a:gnu:glibc:2.18::::::: cpe:2.3:a:gnu:glibc:2.17::::::: cpe:2.3:a:gnu:glibc:2.16::::::: cpe:2.3:a:gnu:glibc:2.15::::::: cpe:2.3:a:gnu:glibc:2.14.1::::::: cpe:2.3:a:gnu:glibc:2.14::::::: cpe:2.3:a:gnu:glibc:2.13::::::: cpe:2.3:a:gnu:glibc:2.12.2::::::: cpe:2.3:a:gnu:glibc:2.12.1::::::: cpe:2.3:a:gnu:glibc:2.12::::::: cpe:2.3:a:gnu:glibc:2.11.3::::::: cpe:2.3:a:gnu:glibc:2.11.2::::::: cpe:2.3:a:gnu:glibc:2.11.1::::::: cpe:2.3:a:gnu:glibc:2.10.1::::::: cpe:2.3:a:gnu:glibc:2.11::::::: cpe:2.3:a:gnu:glibc:2.10::::::: cpe:2.3:a:gnu:glibc:2.9::::::: Configuration 8 OR cpe:2.3:o:oracle:fujitsu_m10_firmware:2290::::::: (and previous) Configuration 9 OR cpe:2.3:a:oracle:exalogic_infrastructure:2.0::::::: cpe:2.3:a:oracle:exalogic_infrastructure:1.0::::::: Configuration 10 OR cpe:2.3:o:canonical:ubuntu_linux:15.10::::::: cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::* cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::*	Configuration 1 OR cpe:2.3:o:debian:debian_linux:8.0::::::: Configuration 2 OR cpe:2.3:o:canonical:ubuntu_linux:15.10::::::: cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::* cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::* Configuration 3 OR cpe:2.3:a:hp:helion_openstack:2.1.0::::::: cpe:2.3:a:hp:helion_openstack:2.0.0::::::: cpe:2.3:a:hp:helion_openstack:1.1.1::::::: cpe:2.3:a:hp:server_migration_pack:7.5::::::: Configuration 4 OR cpe:2.3:a:sophos:unified_threat_management_software:9.355::::::: cpe:2.3:a:sophos:unified_threat_management_software:9.319::::::: Configuration 5 OR cpe:2.3:a:suse:linux_enterprise_debuginfo:11.0:sp3::::::* cpe:2.3:a:suse:linux_enterprise_debuginfo:11.0:sp4::::::* cpe:2.3:o:suse:linux_enterprise_desktop:11.0:sp3::::::* cpe:2.3:o:suse:linux_enterprise_desktop:11.0:sp4::::::* cpe:2.3:o:suse:linux_enterprise_server:11.0:sp3::::::* cpe:2.3:o:suse:linux_enterprise_server:11.0:sp4::::::* cpe:2.3:o:suse:linux_enterprise_server:11.0:sp3::::vmware:: cpe:2.3:o:suse:linux_enterprise_software_development_kit:11.0:sp3::::::* cpe:2.3:o:suse:linux_enterprise_software_development_kit:11.0:sp4::::::* cpe:2.3:o:novell:opensuse:13.2::::::: cpe:2.3:o:suse:linux_enterprise_software_development_kit:12::::::: cpe:2.3:o:suse:linux_enterprise_server:12::::::: cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1::::::* cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp1::::::* cpe:2.3:o:suse:linux_enterprise_server:12:sp1::::::* cpe:2.3:o:suse:linux_enterprise_desktop:12::::::: cpe:2.3:a:suse:linux_enterprise_debuginfo:11.0:sp2::::::* cpe:2.3:o:suse:linux_enterprise_server:11.0:sp2:::lts::: Configuration 6 OR cpe:2.3:a:oracle:exalogic_infrastructure:2.0::::::: cpe:2.3:a:oracle:exalogic_infrastructure:1.0::::::: Configuration 7 OR cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.0.0::::::: cpe:2.3:a:f5:big-ip_local_traffic_manager:12.0.0::::::: cpe:2.3:a:f5:big-ip_link_controller:12.0.0::::::: cpe:2.3:a:f5:big-ip_domain_name_system:12.0.0::::::: cpe:2.3:a:f5:big-ip_application_security_manager:12.0.0::::::: cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.0.0::::::: cpe:2.3:a:f5:big-ip_analytics:12.0.0::::::: cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.0.0::::::: cpe:2.3:a:f5:big-ip_access_policy_manager:12.0.0::::::: Configuration 8 OR cpe:2.3:o:oracle:fujitsu_m10_firmware:2290::::::: (and previous) Configuration 9 OR cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2::::::: cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2::::::: cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.2::::::: cpe:2.3:o:redhat:enterprise_linux_workstation:7.0::::::: cpe:2.3:o:redhat:enterprise_linux_server:7.0::::::: cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0::::::: cpe:2.3:o:redhat:enterprise_linux_desktop:7.0::::::: Configuration 10 OR cpe:2.3:a:gnu:glibc:2.22::::::: cpe:2.3:a:gnu:glibc:2.21::::::: cpe:2.3:a:gnu:glibc:2.20::::::: cpe:2.3:a:gnu:glibc:2.19::::::: cpe:2.3:a:gnu:glibc:2.18::::::: cpe:2.3:a:gnu:glibc:2.17::::::: cpe:2.3:a:gnu:glibc:2.16::::::: cpe:2.3:a:gnu:glibc:2.15::::::: cpe:2.3:a:gnu:glibc:2.14.1::::::: cpe:2.3:a:gnu:glibc:2.14::::::: cpe:2.3:a:gnu:glibc:2.13::::::: cpe:2.3:a:gnu:glibc:2.12.2::::::: cpe:2.3:a:gnu:glibc:2.12.1::::::: cpe:2.3:a:gnu:glibc:2.12::::::: cpe:2.3:a:gnu:glibc:2.11.3::::::: cpe:2.3:a:gnu:glibc:2.11.2::::::: cpe:2.3:a:gnu:glibc:2.11.1::::::: cpe:2.3:a:gnu:glibc:2.10.1::::::: cpe:2.3:a:gnu:glibc:2.11::::::: cpe:2.3:a:gnu:glibc:2.10::::::: cpe:2.3:a:gnu:glibc:2.9:::::::
Changed	Reference Type	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00042.html No Types Assigned	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00042.html Third Party Advisory
Changed	Reference Type	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00037.html No Types Assigned	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00037.html Third Party Advisory
Changed	Reference Type	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00039.html No Types Assigned	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00039.html Third Party Advisory
Changed	Reference Type	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04989404 No Types Assigned	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04989404 Third Party Advisory
Changed	Reference Type	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05128937 No Types Assigned	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05128937 Third Party Advisory
Changed	Reference Type	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00044.html No Types Assigned	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00044.html Third Party Advisory
Changed	Reference Type	http://ubuntu.com/usn/usn-2900-1 No Types Assigned	http://ubuntu.com/usn/usn-2900-1 Third Party Advisory
Changed	Reference Type	https://sourceware.org/bugzilla/show_bug.cgi?id=18665 No Types Assigned	https://sourceware.org/bugzilla/show_bug.cgi?id=18665 Issue Tracking
Changed	Reference Type	https://blogs.sophos.com/2016/02/24/utm-up2date-9-355-released/ No Types Assigned	https://blogs.sophos.com/2016/02/24/utm-up2date-9-355-released/ Third Party Advisory
Changed	Reference Type	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05125672 No Types Assigned	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05125672 Third Party Advisory
Changed	Reference Type	https://sourceware.org/ml/libc-alpha/2016-02/msg00416.html Vendor Advisory	https://sourceware.org/ml/libc-alpha/2016-02/msg00416.html Mailing List, Vendor Advisory
Changed	Reference Type	http://rhn.redhat.com/errata/RHSA-2016-0176.html No Types Assigned	http://rhn.redhat.com/errata/RHSA-2016-0176.html Third Party Advisory
Changed	Reference Type	http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html Patch	http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html Third Party Advisory, Patch
Changed	Reference Type	https://access.redhat.com/articles/2161461 No Types Assigned	https://access.redhat.com/articles/2161461 Third Party Advisory
Changed	Reference Type	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00038.html No Types Assigned	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00038.html Third Party Advisory
Changed	Reference Type	https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40161 No Types Assigned	https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40161 Third Party Advisory
Changed	Reference Type	http://www.debian.org/security/2016/dsa-3481 No Types Assigned	http://www.debian.org/security/2016/dsa-3481 Third Party Advisory
Changed	Reference Type	https://support.f5.com/kb/en-us/solutions/public/k/47/sol47098834.html No Types Assigned	https://support.f5.com/kb/en-us/solutions/public/k/47/sol47098834.html Third Party Advisory
Changed	Reference Type	https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05028479 No Types Assigned	https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05028479 Third Party Advisory
Changed	Reference Type	https://bugzilla.redhat.com/show_bug.cgi?id=1293532 No Types Assigned	https://bugzilla.redhat.com/show_bug.cgi?id=1293532 Third Party Advisory, Issue Tracking
Changed	Reference Type	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05130958 No Types Assigned	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05130958 Third Party Advisory
Changed	Reference Type	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00043.html No Types Assigned	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00043.html Third Party Advisory
Changed	Reference Type	https://security.gentoo.org/glsa/201602-02 No Types Assigned	https://security.gentoo.org/glsa/201602-02 Third Party Advisory
Changed	Reference Type	https://bto.bluecoat.com/security-advisory/sa114 No Types Assigned	https://bto.bluecoat.com/security-advisory/sa114 Third Party Advisory
Changed	Reference Type	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05140858 No Types Assigned	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05140858 Third Party Advisory
Changed	Reference Type	https://blogs.sophos.com/2016/02/29/utm-up2date-9-319-released/ No Types Assigned	https://blogs.sophos.com/2016/02/29/utm-up2date-9-319-released/ Third Party Advisory
Changed	Reference Type	https://kc.mcafee.com/corporate/index?page=content&id=SB10150 No Types Assigned	https://kc.mcafee.com/corporate/index?page=content&id=SB10150 Third Party Advisory
Changed	Reference Type	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html No Types Assigned	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html Third Party Advisory
Changed	Reference Type	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05098877 No Types Assigned	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05098877 Third Party Advisory

Action	Type	Old Value	New Value
Changed	CPE Configuration	Configuration 1 OR cpe:2.3:a:gnu:glibc:2.22::::::: cpe:2.3:a:gnu:glibc:2.21::::::: cpe:2.3:a:gnu:glibc:2.20::::::: cpe:2.3:a:gnu:glibc:2.19::::::: cpe:2.3:a:gnu:glibc:2.18::::::: cpe:2.3:a:gnu:glibc:2.17::::::: cpe:2.3:a:gnu:glibc:2.16::::::: cpe:2.3:a:gnu:glibc:2.15::::::: cpe:2.3:a:gnu:glibc:2.14.1::::::: cpe:2.3:a:gnu:glibc:2.14::::::: cpe:2.3:a:gnu:glibc:2.13::::::: cpe:2.3:a:gnu:glibc:2.12.2::::::: cpe:2.3:a:gnu:glibc:2.12.1::::::: cpe:2.3:a:gnu:glibc:2.12::::::: cpe:2.3:a:gnu:glibc:2.11.3::::::: cpe:2.3:a:gnu:glibc:2.11.2::::::: cpe:2.3:a:gnu:glibc:2.11.1::::::: cpe:2.3:a:gnu:glibc:2.10.1::::::: cpe:2.3:a:gnu:glibc:2.11::::::: cpe:2.3:a:gnu:glibc:2.10::::::: cpe:2.3:a:gnu:glibc:2.9:::::::	Configuration 1 OR cpe:2.3:o:debian:debian_linux:8.0::::::: Configuration 2 OR cpe:2.3:a:gnu:glibc:2.22::::::: cpe:2.3:a:gnu:glibc:2.21::::::: cpe:2.3:a:gnu:glibc:2.20::::::: cpe:2.3:a:gnu:glibc:2.19::::::: cpe:2.3:a:gnu:glibc:2.18::::::: cpe:2.3:a:gnu:glibc:2.17::::::: cpe:2.3:a:gnu:glibc:2.16::::::: cpe:2.3:a:gnu:glibc:2.15::::::: cpe:2.3:a:gnu:glibc:2.14.1::::::: cpe:2.3:a:gnu:glibc:2.14::::::: cpe:2.3:a:gnu:glibc:2.13::::::: cpe:2.3:a:gnu:glibc:2.12.2::::::: cpe:2.3:a:gnu:glibc:2.12.1::::::: cpe:2.3:a:gnu:glibc:2.12::::::: cpe:2.3:a:gnu:glibc:2.11.3::::::: cpe:2.3:a:gnu:glibc:2.11.2::::::: cpe:2.3:a:gnu:glibc:2.11.1::::::: cpe:2.3:a:gnu:glibc:2.10.1::::::: cpe:2.3:a:gnu:glibc:2.11::::::: cpe:2.3:a:gnu:glibc:2.10::::::: cpe:2.3:a:gnu:glibc:2.9::::::: Configuration 3 OR cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2::::::: cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2::::::: cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.2::::::: cpe:2.3:o:redhat:enterprise_linux_workstation:7.0::::::: cpe:2.3:o:redhat:enterprise_linux_server:7.0::::::: cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0::::::: cpe:2.3:o:redhat:enterprise_linux_desktop:7.0::::::: Configuration 4 OR cpe:2.3:a:sophos:unified_threat_management_software:9.355::::::: cpe:2.3:a:sophos:unified_threat_management_software:9.319::::::: Configuration 5 OR cpe:2.3:a:oracle:exalogic_infrastructure:2.0::::::: cpe:2.3:a:oracle:exalogic_infrastructure:1.0::::::: Configuration 6 OR cpe:2.3:a:f5:big-ip_policy_enforcement_manager:12.0.0::::::: cpe:2.3:a:f5:big-ip_local_traffic_manager:12.0.0::::::: cpe:2.3:a:f5:big-ip_link_controller:12.0.0::::::: cpe:2.3:a:f5:big-ip_domain_name_system:12.0.0::::::: cpe:2.3:a:f5:big-ip_application_security_manager:12.0.0::::::: cpe:2.3:a:f5:big-ip_application_acceleration_manager:12.0.0::::::: cpe:2.3:a:f5:big-ip_analytics:12.0.0::::::: cpe:2.3:a:f5:big-ip_advanced_firewall_manager:12.0.0::::::: cpe:2.3:a:f5:big-ip_access_policy_manager:12.0.0::::::: Configuration 7 OR cpe:2.3:a:oracle:fujitsu_m10_firmware:2290::::::: (and previous) Configuration 8 OR cpe:2.3:o:canonical:ubuntu_linux:15.10::::::: cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::* cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::* Configuration 9 OR cpe:2.3:a:suse:linux_enterprise_debuginfo:11.0:sp3::::::* cpe:2.3:a:suse:linux_enterprise_debuginfo:11.0:sp4::::::* cpe:2.3:o:suse:linux_enterprise_desktop:11.0:sp3::::::* cpe:2.3:o:suse:linux_enterprise_desktop:11.0:sp4::::::* cpe:2.3:o:suse:linux_enterprise_server:11.0:sp3::::::* cpe:2.3:o:suse:linux_enterprise_server:11.0:sp4::::::* cpe:2.3:o:suse:linux_enterprise_server:11.0:sp3::::vmware:: cpe:2.3:o:suse:linux_enterprise_software_development_kit:11.0:sp3::::::* cpe:2.3:o:suse:linux_enterprise_software_development_kit:11.0:sp4::::::* cpe:2.3:o:novell:opensuse:13.2::::::: cpe:2.3:o:suse:linux_enterprise_software_development_kit:12::::::: cpe:2.3:o:suse:linux_enterprise_server:12::::::: cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1::::::* cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp1::::::* cpe:2.3:o:suse:linux_enterprise_server:12:sp1::::::* cpe:2.3:o:suse:linux_enterprise_desktop:12::::::: cpe:2.3:a:suse:linux_enterprise_debuginfo:11.0:sp2::::::* cpe:2.3:o:suse:linux_enterprise_server:11.0:sp2:::lts:::
Changed	Reference Type	https://googleonlinesecurity.blogspot.com/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html Advisory	https://googleonlinesecurity.blogspot.com/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html No Types Assigned
Changed	Reference Type	http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html No Types Assigned	http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html Patch
Changed	Reference Type	https://access.redhat.com/articles/2161461 Advisory	https://access.redhat.com/articles/2161461 No Types Assigned

CVE-2015-7547

Ubuntu GNU C Library Buffer Overflow

Description

INFO

Feb. 18, 2016, 9:59 p.m.

Nov. 21, 2024, 2:36 a.m.

Yes !

5.9

2.2

Public PoC/Exploit Available at Github

Affected Products

References to Advisories, Solutions, and Tools

CVE Modified by af854a3a-2127-422b-91ae-364da2661108

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CPE Deprecation Remap by [email protected]

CPE Deprecation Remap by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

Modified Analysis by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

Modified Analysis by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

Modified Analysis by [email protected]

Modified Analysis by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

Modified Analysis by [email protected]

CVE Modified by [email protected]

Modified Analysis by [email protected]

Initial Analysis by [email protected]

CWE - Common Weakness Enumeration

Common Attack Pattern Enumeration and Classification (CAPEC)

Exploit Prediction

97.22 }} -0.06%

0.99919

CVSS30 - Vulnerability Scoring System

Theme Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light