VU#457759 Vulnerability - Security Advisory TWA SEC 3653

TCPWave DNS Appliance

Google has announced ”glibc getaddrinfo()” vulnerability in glibc. All the glibc versons since 2.9 are affected due to this vulnerability. For more information please visit: CVE-2015-7547: glibc getaddrinfo stack-based buffer overflow.

None

The TCPWave DNS Appliances and TCPWave Sharkcage Appliances do not use a vulnerable version of glibc in the current production releases. A newer version that is scheduled for a summer release has been found vulnerable and has been patched. When the customers upgrade the existing appliances to a newer version, they will not be impacted by this vulnerability.