Vulnerability in GNU C Library allows remote code execution
4 Pages937 Words382 Views
About This Document
A vulnerability in all versions of glibc since 2.9 allows remote attackers to execute arbitrary code through altered DNS response. The client side of glibc DNS resolver is prone to stack-based buffer overflow. This article provides a technical description of the vulnerability, its attack vector, exploitation scenario, mitigation, and remediation.