Access Manager GLIBC CVE-2015-7547

  • 7017273
  • 18-Feb-2016
  • 22-Nov-2016

Environment

NetIQ Access Manager 4.0
NetIQ Access Manager 4.1
NetIQ Access Manager 4.2
NetIQ Access Manager Appliance
NetIQ Access Gateway Service on Linux
NetIQ Access Gateway Appliance

Situation

The reported vulnerability (CVE-2015-7547) affects all versions of Access Manager, where a crafted DNS response to a resolver query can trigger a buffer overflow.

"Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted DNS response that triggers a call to the getaddrinfo function with the AF_UNSPEC or AF_INET6 address family, related to performing "dual A/AAAA DNS queries" and the libnss_dns.so.2 NSS module."

A security update for glibc has been released and includes the fix for CVE-2015-7547 (details at https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7547).

Resolution

Apply the glibc-2.11.3-17.95.2 update from the SLES security update channel.

Note that for Appliance setups running 4.0 or 4.1, you must upgrade the OS from the shipped SLES11 SP3 platform to SLES11 SP4, following the instructions at https://www.netiq.com/documentation/access-manager-41/install_upgrade/data/b1anabi2.html.

For setups running on the Red Hat platform, see https://access.redhat.com/security/cve/cve-2015-7547 for version-specific builds.
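As an added check that is not part of this TID, the following POSIX shell script compares an installed glibc version-release string against the fixed SLES build named above. The installed value shown is a constructed sample; on a live host it would come from the rpm query given in the comment, and the comparison assumes purely numeric version segments, as SLES glibc builds have.

```shell
#!/bin/sh
# Verify that the installed glibc on a SLES11 Access Manager host is at or
# above the fixed build named in this TID (glibc-2.11.3-17.95.2).
FIXED="2.11.3-17.95.2"

# Compare two RPM version-release strings segment by segment, numerically.
# Prints 0 if equal, 1 if $1 is newer than $2, 2 if $1 is older than $2.
# Assumption: segments are numeric; epochs and alphabetic tags are not handled.
vercmp() {
    a=$(printf '%s' "$1" | tr '-' '.')
    b=$(printf '%s' "$2" | tr '-' '.')
    while [ -n "$a" ] || [ -n "$b" ]; do
        x=${a%%.*}; y=${b%%.*}
        # Drop the consumed segment; the last segment has no trailing dot.
        case $a in *.*) a=${a#*.} ;; *) a= ;; esac
        case $b in *.*) b=${b#*.} ;; *) b= ;; esac
        x=${x:-0}; y=${y:-0}          # a missing segment counts as 0
        if [ "$x" -gt "$y" ]; then echo 1; return; fi
        if [ "$x" -lt "$y" ]; then echo 2; return; fi
    done
    echo 0
}

# Succeeds (exit 0) when the given glibc version-release carries the fix.
glibc_is_fixed() {
    r=$(vercmp "$1" "$FIXED")
    [ "$r" -ne 2 ]
}

# On a real host, read the installed build with:
#   installed=$(rpm -q --qf '%{VERSION}-%{RELEASE}\n' glibc)
# For this offline demonstration a constructed, pre-fix sample value is used.
installed="2.11.3-17.87.1"
if glibc_is_fixed "$installed"; then
    echo "glibc $installed: at or above $FIXED, CVE-2015-7547 fix present"
else
    echo "glibc $installed: below $FIXED, apply the SLES security update"
fi
```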
