Access Manager GLIBC CVE-2015-7547

This document (7017273) is provided subject to the disclaimer at the end of this document.

Environment

NetIQ Access Manager 4.0
NetIQ Access Manager 4.1
NetIQ Access Manager 4.2
NetIQ Access Manager Appliance
NetIQ Access Gateway Service on Linux
NetIQ Access Gateway Appliance

Situation

The reported vulnerability (CVE-2015-7547) affects all versions of Access Manager: manipulation of DNS queries can generate buffer overflows.

"Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted DNS response that triggers a call to the getaddrinfo function with the AF_UNSPEC or AF_INET6 address family, related to performing "dual A/AAAA DNS queries" and the libnss_dns.so.2 NSS module."

A security update for glibc has been released that includes the fix for CVE-2015-7547 (details at https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7547).

Resolution

Apply the glibc-2.11.3-17.95.2 update from the SLES security update channel.

Note that for Appliance setups running on 4.0 and 4.1, make sure that you upgrade the OS from the shipping SLES11 SP3 platform to SLES11 SP4 using the instructions at https://www.netiq.com/documentation/access-manager-41/install_upgrade/data/b1anabi2.html.

For setups running on the Red Hat platform, see https://access.redhat.com/security/cve/cve-2015-7547 for version-specific builds.
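One way to verify the SLES 11 fix after applying the update, as an added example that is not part of the original document or NetIQ/SUSE code: it compares the installed glibc build with the one named above and lists processes that still map the replaced library, since a running process keeps using the old glibc until it is restarted. Assumptions: the function names are hypothetical, GNU `sort -V` approximates RPM's version comparison, and the comparison is only meaningful for SLES 11 builds of the 2.11.3 line.

```bash
#!/usr/bin/env bash
# Added example, not NetIQ/SUSE code. Function names are hypothetical.
FIXED="2.11.3-17.95.2"   # SLES 11 glibc build named in the Resolution

# ver_ge A B: succeed if version-release A is at or above B.
# Assumption: GNU `sort -V` stands in for RPM's own comparison, which is
# adequate for builds of the same 2.11.3 line but not across product lines.
ver_ge() {
    [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n1)" = "$2" ]
}

# glibc_status VERSION-RELEASE: print "patched" or "vulnerable".
glibc_status() {
    if ver_ge "$1" "$FIXED"; then echo patched; else echo vulnerable; fi
}

# Reads /proc/<pid>/maps text on stdin. Succeeds if libc or libresolv is
# mapped from a file that has since been replaced on disk, which means the
# process is still executing the pre-update library.
maps_has_stale_libc() {
    grep -Eq '/lib(c|resolv)(-[0-9.]+)?\.so(\.[0-9]+)? \(deleted\)$'
}

# Check the installed package, then list processes that need a restart.
scan_host() {
    local installed maps pid
    installed=$(rpm -q --qf '%{VERSION}-%{RELEASE}\n' glibc | head -n1)
    echo "glibc $installed: $(glibc_status "$installed")"
    for maps in /proc/[0-9]*/maps; do
        [ -r "$maps" ] || continue
        if maps_has_stale_libc < "$maps"; then
            pid=${maps#/proc/}; pid=${pid%/maps}
            echo "restart needed: pid $pid ($(cat "/proc/$pid/comm" 2>/dev/null))"
        fi
    done
}

# Run as root with --scan on the Access Manager host.
if [ "${1:-}" = "--scan" ]; then scan_host; fi
```

Restarting the listed services, or rebooting the host, makes them load the updated library.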

Additional Information

Disclaimer

This Support Knowledgebase provides a valuable tool for NetIQ/Novell/SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.

  • Document ID: 7017273
  • Creation Date: 18-FEB-16
  • Modified Date: 22-NOV-16
    • NetIQ Access Manager (NAM)
