CVE-2015-7547 MegaBug waiting to hit electronic devices



TechGlyphs Editor

A highly critical vulnerability has been uncovered in the GNU C Library (glibc), a key component of most Linux distributions, that leaves nearly all Linux machines, thousands of apps and electronic devices vulnerable to hackers.


The GNU C Library (glibc) is a collection of open source code that powers thousands of standalone apps and most Linux distributions, including those distributed to routers and other types of hardware. The flaw can be exploited when an affected device or app makes queries to a malicious DNS server that returns too much information to a lookup request and floods the program's memory with code.


This code then compromises the vulnerable application or device and tries to take control of the whole system.


It is possible to inject the domain name into server log files, which, when resolved, will trigger remote code execution. An SSH (Secure Shell) client connecting to a server could also be compromised.


However, an attacker needs to bypass several operating system security mechanisms, such as ASLR and non-executable stack protection, in order to achieve a successful RCE attack.


Alternatively, an attacker on your network could perform man-in-the-middle (MitM) attacks and tamper with DNS replies with a view to monitoring and manipulating (injecting payloads of malicious code into) data flowing between a vulnerable device and the Internet.

"glibc reserves 2048 bytes in the stack through alloca() for the DNS answer at _nss_dns_gethostbyname4_r() for hosting responses to a DNS query. Later on, at send_dg() and send_vc(), if the response is larger than 2048 bytes, a new buffer is allocated from the heap and all the information (buffer pointer, new buffer size and response size) is updated."

"Under certain conditions a mismatch between the stack buffer and the new heap allocation will happen. The final effect is that the stack buffer will be used to store the DNS response, even though the response is larger than the stack buffer and a heap buffer was allocated. This behavior leads to the stack buffer overflow."

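The quoted analysis comes down to a buffer pointer and its recorded size falling out of step. The following is an added illustration, not glibc code and not part of the original post: a simplified model with hypothetical names (`answer_state`, `grow_mismatched`, `grow_consistent`, `simulate`) that measures how far a response would run past the 2048-byte stack buffer without performing the write.

```c
#include <stdio.h>
#include <stdlib.h>

#define STACK_ANSWER_SIZE 2048  /* stack buffer size given in the quoted analysis */

/* Hypothetical model: buffer pointer and capacity tracked separately. */
struct answer_state {
    unsigned char *buf;   /* where the next response will be written */
    size_t claimed_size;  /* capacity the code believes buf has */
    size_t real_size;     /* capacity buf really has (model-only ground truth) */
    unsigned char *heap;  /* heap buffer, once allocated */
};

/* Mismatched growth: heap buffer allocated and size updated,
   but buf still points at the 2048-byte stack storage. */
static int grow_mismatched(struct answer_state *s, size_t need) {
    s->heap = malloc(need);
    if (s->heap == NULL) return -1;
    s->claimed_size = need;
    return 0;
}

/* Consistent growth: pointer and capacity change together. */
static int grow_consistent(struct answer_state *s, size_t need) {
    if (grow_mismatched(s, need) != 0) return -1;
    s->buf = s->heap;
    s->real_size = need;
    return 0;
}

/* Bytes that a write of resp_len would land past the end of buf.
   Nothing is written; the model only measures the out-of-bounds span. */
size_t simulate(size_t resp_len, int consistent) {
    unsigned char stack_buf[STACK_ANSWER_SIZE];
    struct answer_state s = { stack_buf, sizeof stack_buf, sizeof stack_buf, NULL };
    if (resp_len > s.claimed_size &&
        (consistent ? grow_consistent(&s, resp_len) : grow_mismatched(&s, resp_len)) != 0)
        return 0;
    size_t over = resp_len > s.real_size ? resp_len - s.real_size : 0;
    free(s.heap);
    return over;
}

int main(void) {
    printf("mismatched: %zu bytes past the stack buffer\n", simulate(3000, 0));
    printf("consistent: %zu bytes past the buffer\n", simulate(3000, 1));
    return 0;
}
```

The invariant to check in code review is that every path which changes the recorded size also changes the pointer it describes.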

If you are not able to patch your instance of glibc immediately, you can help prevent exploitation of the flaw by limiting all TCP DNS replies to 1024 bytes and dropping UDP DNS packets larger than 512 bytes.
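One way to express those two size limits as a check on captured DNS traffic, as an added example that is not part of the original post. It assumes the DNS payload has already been extracted from the UDP datagram or reassembled TCP stream; the function names and the sample data are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define UDP_LIMIT   512   /* limits taken from the mitigation above */
#define TCP_LIMIT   1024
#define DNS_HDR_LEN 12
#define QR_RESPONSE 0x80  /* QR bit: set in replies, clear in queries */

/* UDP: one datagram payload is one DNS message. Returns 1 to drop it. */
int udp_reply_too_large(const uint8_t *msg, size_t len) {
    return len >= DNS_HDR_LEN && (msg[2] & QR_RESPONSE) && len > UDP_LIMIT;
}

/* TCP: each message is preceded by a 2-byte big-endian length. Walks a
   reassembled stream and counts replies whose declared length exceeds
   the limit, judging by the prefix so a partial capture still counts. */
int tcp_oversized_replies(const uint8_t *stream, size_t len) {
    size_t off = 0;
    int hits = 0;
    while (len - off >= 2 + DNS_HDR_LEN) {
        size_t msg_len = ((size_t)stream[off] << 8) | stream[off + 1];
        const uint8_t *msg = stream + off + 2;
        if (msg_len < DNS_HDR_LEN) break;          /* malformed prefix */
        if ((msg[2] & QR_RESPONSE) && msg_len > TCP_LIMIT) hits++;
        if (len - off - 2 < msg_len) break;        /* body not captured yet */
        off += 2 + msg_len;
    }
    return hits;
}

/* Constructed sample: zero-filled reply of msg_len bytes with QR set,
   optionally preceded by the TCP length prefix. Returns bytes written. */
size_t make_reply(uint8_t *out, size_t msg_len, int tcp) {
    size_t n = 0;
    if (tcp) { out[n++] = (uint8_t)(msg_len >> 8); out[n++] = (uint8_t)msg_len; }
    memset(out + n, 0, msg_len);
    out[n + 2] = QR_RESPONSE;
    return n + msg_len;
}

int main(void) {
    static uint8_t buf[4096];
    size_t n = make_reply(buf, 300, 1);
    n += make_reply(buf + n, 1500, 1);
    printf("oversized TCP replies: %d\n", tcp_oversized_replies(buf, n));
    return 0;
}
```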


