Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2017-12132

The DNS stub resolver in the GNU C Library (aka glibc or libc6) before version 2.26, when EDNS support is enabled, will solicit large UDP responses from name servers, potentially simplifying off-path DNS spoofing attacks due to IP fragmentation.

Source

Severity Medium

Remote Yes

Type Content spoofing

Description

The DNS stub resolver in the GNU C Library (aka glibc or libc6) before version 2.26, when EDNS support is enabled, will solicit large UDP responses from name servers, potentially simplifying off-path DNS spoofing attacks due to IP fragmentation.

AVG-369 lib32-glibc 2.25-7 2.26-1 Critical Fixed

AVG-368 glibc 2.25-7 2.26-1 Critical Fixed

https://sourceware.org/bugzilla/show_bug.cgi?id=21361
https://arxiv.org/pdf/1205.4011.pdf
https://www.sourceware.org/ml/libc-alpha/2017-08/msg00010.html

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

Vulmon Search

About

Products

Connect