A vulnerability was identified in GNU C Library (glibc) which is used in many Linux or Unix-based OS. Due to a stack-based buffer overflow vulnerability in the function " getaddrinfo()", applications using the glibc DNS client side resolver to resolve hostnames are vulnerable to attacks when resolving attacker-controlled domain names, DNS servers, or through a man-in-the-middle attack. Proof-of-concept codes were tested to successfully exploit the vulnerability.
A successful attack could lead to remote arbitrary code execution.
Patches for some affected systems including RedHat, CentOS, Ubuntu and Debian have been released to address the vulnerability. Users should check if their systems are affected by contacting corresponding support vendors or checking the glibc version by using a command "ldd -–version".
Users of affected systems should follow the recommendations provided by the product vendor and take immediate actions to mitigate the risk.
https://sourceware.org/ml/libc-alpha/2016-02/msg00416.html
https://www.us-cert.gov/ncas/current-activity/2016/02/17/GNU-glibc-Vulnerability
https://www.kb.cert.org/vuls/id/457759
https://googleonlinesecurity.blogspot.hk/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7547