Access Manager GLIBC CVE-2015-7547

  • 7017273
  • 18-Feb-2016
  • 22-Nov-2016


NetIQ Access Manager 4.0
NetIQ Access Manager 4.1
NetIQ Access Manager 4.2
NetIQ Access Manager Appliance
NetIQ Access Gateway Service on Linux
NetIQ Access Gateway Appliance


The reported vulnerability (CVE-2015-7547) effects all versions of Access Manager where manipulation of DNS queries can generate buffer overflows.

"Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted DNS response that triggers a call to the getaddrinfo function with the AF_UNSPEC or AF_INET6 address family, related to performing "dual A/AAAA DNS queries" and the NSS module."

A security update for glibc has been released and includes the fix for CVE-2015-7547 (details at


Apply the glibc-2.11.3-17.95.2 update from the SLES security update channel.

Note that for Appliance setups running on 4.0 and 4.1, make sure that you upgrade the OS from the shipping SLES11 SP3 platform to SLES11 SP4 using the instructions at

For setups running on the Red Hat platform, check out for version specific builds.

Additional Information