Operating System:

[Debian]

Published:

28 January 2015

Protect yourself against future threats.

//Service

Member Security Incident Notifications

Be proactive with your security and receive our daily Member Security Incident Notifications (MSINs) custom to your network.

Read more
Resources > Security Bulletins > ESB-2015.0188 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2015.0188
                          eglibc security update
                              28 January 2015

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           eglibc
Publisher:         Debian
Operating System:  Debian GNU/Linux 7
Impact/Access:     Execute Arbitrary Code/Commands -- Remote/Unauthenticated
                   Denial of Service               -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2015-0235 CVE-2014-7817 CVE-2014-6040
                   CVE-2012-6656  

Reference:         ESB-2015.0035
                   ESB-2014.2457

Original Bulletin: 
   http://www.debian.org/security/2015/dsa-3142

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - -------------------------------------------------------------------------
Debian Security Advisory DSA-3142-1                   security@debian.org
http://www.debian.org/security/                            Florian Weimer
January 27, 2015                       http://www.debian.org/security/faq
- - -------------------------------------------------------------------------

Package        : eglibc
CVE ID         : CVE-2012-6656 CVE-2014-6040 CVE-2014-7817 CVE-2015-0235

Several vulnerabilities have been fixed in eglibc, Debian's version of
the GNU C library:

CVE-2015-0235

    Qualys discovered that the gethostbyname and gethostbyname2
    functions were subject to a buffer overflow if provided with a
    crafted IP address argument.  This could be used by an attacker to
    execute arbitrary code in processes which called the affected
    functions.

    The original glibc bug was reported by Peter Klotz.

CVE-2014-7817

    Tim Waugh of Red Hat discovered that the WRDE_NOCMD option of the
    wordexp function did not suppress command execution in all cases.
    This allows a context-dependent attacker to execute shell
    commands.

CVE-2012-6656
CVE-2014-6040

    The charset conversion code for certain IBM multi-byte code pages
    could perform an out-of-bounds array access, causing the process
    to crash.  In some scenarios, this allows a remote attacker to
    cause a persistent denial of service.

For the stable distribution (wheezy), these problems have been fixed in
version 2.13-38+deb7u7.

For the upcoming stable distribution (jessie) and the unstable
distribution (sid), the CVE-2015-0235 issue has been fixed in version
2.18-1 of the glibc package.

We recommend that you upgrade your eglibc packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iQEcBAEBAgAGBQJUx7lnAAoJEL97/wQC1SS+jR0H/jMCNxCkr3qFKwpMAZst/Xwb
AVVKtVQoDkknriA7ElMhWWKSOfLVgWQv4WE72WVwuMcQxaiFxkNoSHEvNoAevwf0
dfRpq4rfWAuRgw531DPQxSyIr9UjGFjTZ9mXVv9RW1+LtjouJb6Rp6AGKvaLpGM+
lDjiJvR2WcdTez6EGXbQdENa1xiKoxxEfJlSN5KE+9CuLeqDqeU0OKiWZ18GwNUX
5Gmyo9JP3LmWuYJxD0RKWf9dHEJLHAZ+qHGSKvFKpFg7yH7W7Pt5OoorGNR969RY
BSpxLbhSgUBCx5TMT/MdwY1BloEzFbO6sE66WRkv+wPuQUGceks/bM9te880Hws=
=+mSs
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBVMgzUBLndAQH1ShLAQKNUw//XQFgGD9iy95Es5IKuRylF8Zn9CAziEz4
y3D5v5qOXOY7JW+OnFdIkhL7dKIQqS/iXFgPB49hIyOeAKOVW0PU62d4+OTZfHqJ
k3kg0h9IFaBt4vOUHqI5NhizdGzUai7r4KRd6DgDsbOZxQPrRm2pLg2X3RwGgZAz
2A3CmldvVXTQ8SQvVJuKAIA+LRITRQsbglJK8/QngsTYVbswJqd/5J1Njh+Bzyjk
gTdHXpNJiXsbQhU4x+UXCkDyXL/jQR+cOFrwYjfqDGVemIWwIbcar7/fGUkRzU3b
yeAO/HC2cc/9XFj36Q+JFLs6jwHQ71p/+iFdQ9WKt8EbNSe5pizg+b578kyQ2FeO
wXvYdWmh0+zyEF96B1Q8ernfqsXqebEU9zOmlAHr6+1uTsgjMVIFyDjA1EBncXX5
ROFdP+LRav8O0Ia3YwNBbzaBTU+BmlVM1dJebGYC+SuLOqkIrUyv51P7WvUqsrb2
64lV6bt0Pi1AW+lufWuyy5kEtwlnmeuEmeoKqOfy0J7wikB69vs1e7kGfISTk6Wi
CVNMSqMIUi282yn2kmSXGdr3ILrsy06jSKZBE2i/tJoW3VD4K9Q9gNSJsdpepHiA
okGWyeC03+lDrVVycYsg7MxY8d5JZeValukapvi/lYt6brgJ8f5u6U7gi4b4eZfk
JhXegl5OKnk=
=t2OE
-----END PGP SIGNATURE-----