Access Manager GLIBC CVE-2015-7547
This document (7017273) is provided subject to the disclaimer at the end of this document.
NetIQ Access Gateway Service on Linux
NetIQ Access Gateway Appliance
"Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted DNS response that triggers a call to the getaddrinfo function with the AF_UNSPEC or AF_INET6 address family, related to performing "dual A/AAAA DNS queries" and the libnss_dns.so.2 NSS module."
A security update for glibc has been released and includes the fix for CVE-2015-7547 (details at https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7547).
Note that for Appliance setups running on 4.0 and 4.1, make sure that you upgrade the OS from the shipping SLES11 SP3 platform to SLES11 SP4 using the instructions at https://www.netiq.com/documentation/access-manager-41/install_upgrade/data/b1anabi2.html.
For setups running on the Red Hat platform, see https://access.redhat.com/security/cve/cve-2015-7547 for version-specific builds.
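One way to confirm that the glibc update is installed and actually in use on an RPM-based host (SLES or Red Hat), as an added example that is not part of the original NetIQ document. It assumes the vendor's glibc package changelog names the CVE ID; it also lists processes that still map the replaced library, since they keep running the old code until restarted. The function names are hypothetical.

```shell
#!/bin/sh
# Added example (not NetIQ code): post-update check for CVE-2015-7547.
# Assumption: the vendor's glibc RPM changelog names the CVE ID.
CVE="CVE-2015-7547"

# Return 0 if the changelog text on stdin mentions the CVE.
changelog_mentions_cve() {
    grep -q -- "$CVE"
}

# Print PIDs under proc root $1 whose memory maps still reference a
# deleted copy of libc, libresolv or libnss_dns, i.e. processes started
# before the update that are still running the replaced library.
stale_glibc_pids() {
    root=${1:-/proc}
    for maps in "$root"/[0-9]*/maps; do
        [ -r "$maps" ] || continue
        if grep -Eq '/(libc|libresolv|libnss_dns)[-.][^ /]* \(deleted\)' \
            "$maps" 2>/dev/null; then
            pid=${maps%/maps}
            echo "${pid##*/}"
        fi
    done
}

# Run both checks on the live host; returns non-zero if action is needed.
check_host() {
    status=0
    if rpm -q --changelog glibc 2>/dev/null | changelog_mentions_cve; then
        echo "OK: glibc package changelog lists $CVE"
    else
        echo "ACTION: glibc changelog does not list $CVE, apply the update"
        status=1
    fi
    pids=$(stale_glibc_pids /proc | tr '\n' ' ')
    if [ -n "$pids" ]; then
        echo "ACTION: restart processes still using the old library: $pids"
        status=1
    fi
    return $status
}

# Only touch the live system when asked to: ./check.sh --check
if [ "${1:-}" = "--check" ]; then
    check_host
fi
```

Run it as root with `--check` so that the maps of every process are readable.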
This Support Knowledgebase provides a valuable tool for NetIQ/Novell/SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.
- Document ID: 7017273
- Creation Date: 18-FEB-16
- Modified Date: 22-NOV-16
- NetIQ Access Manager (NAM)