[R3] Tenable Appliance Affected by GNU C Library (glibc) Vulnerability

Related Vulnerabilities: CVE-2015-7547  

Synopsis

The Tenable Appliance is built on a Linux distribution that uses the GNU C Library (glibc), so the recently reported glibc vulnerability CVE-2015-7547 may affect the Appliance. According to the researchers, the send_dg() and send_vc() functions in libresolv (resolv/res_send.c) contain a stack-based buffer overflow. When getaddrinfo() resolves a host name with the AF_UNSPEC family, the resolver sends parallel A and AAAA queries and receives the answers into a fixed 2048-byte stack buffer; because the length of the responses is not validated correctly when the code switches to a larger heap buffer for oversized answers, a DNS response larger than 2048 bytes can be written past the end of the stack buffer. An attacker who can supply DNS responses to the Appliance, for example by controlling a DNS server it queries (including the authoritative server for a name it looks up) or by intercepting its resolver traffic, could cause a denial of service or potentially execute arbitrary code. Upstream glibc versions 2.9 through 2.22 are affected; the fix shipped in glibc 2.23 and has been backported by distributions to their supported releases, so a version number alone does not tell whether a given host is patched.

Solution

A glibc update is available from the online repositories, which the Appliance checks every night. When the update is found, a notification appears in the administrative interface. The update is not applied automatically, so that it does not interrupt running scans; an Appliance administrator must direct the system to apply it. Because glibc is a shared library, processes that were started before the update keep the old copy mapped in memory, so the fix is only fully in effect once the Appliance has been rebooted (or its services restarted) after the update is applied.
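The following triage script, added here as an example and not part of the Tenable advisory or the Appliance's own tooling, shows how a practitioner can check a glibc host against both points above: whether the installed glibc falls in the upstream-affected range (2.9 up to but not including 2.23, as described in the Synopsis) and whether the distribution package's changelog records the CVE-2015-7547 fix (the backport case). It assumes RPM-style or Debian-style packaging for the changelog check; the advisory does not state which distribution the Appliance uses, so that part may need adapting.

```shell
#!/bin/sh
# Added example, not Tenable's code: triage check for CVE-2015-7547 on a glibc host.
# Assumptions: upstream-affected range is glibc 2.9 <= version < 2.23 (fix shipped in
# 2.23). Distributions backport the fix to older versions, so "in range" means
# "possibly affected"; the package changelog is the authoritative local check.

# glibc_in_affected_range VERSION
# Prints "yes" if VERSION (e.g. "2.17", "2.17-106.el7", "2.23-0ubuntu3") falls in the
# upstream-affected range, "no" if it does not, "unparsable" (exit 2) otherwise.
glibc_in_affected_range() {
    ver=$1
    case "$ver" in
        *.*) ;;
        *) echo unparsable; return 2 ;;
    esac
    major=${ver%%.*}                          # text before the first dot
    rest=${ver#*.}                            # text after the first dot
    minor=$(printf '%s' "${rest%%.*}" | sed 's/[^0-9].*$//')   # drop "-106", "ubuntu3", ...
    case "$major" in ""|*[!0-9]*) echo unparsable; return 2 ;; esac
    case "$minor" in ""|*[!0-9]*) echo unparsable; return 2 ;; esac
    if [ "$major" -eq 2 ] && [ "$minor" -ge 9 ] && [ "$minor" -lt 23 ]; then
        echo yes
    else
        echo no
    fi
}

# local_glibc_version: best-effort read of the running C library's version string.
# Prints the version and returns 0, or returns 1 if no version string was found.
local_glibc_version() {
    v=$(getconf GNU_LIBC_VERSION 2>/dev/null | awk '{print $2}')
    if [ -z "$v" ]; then
        v=$(ldd --version 2>/dev/null | head -n 1 | awk '{print $NF}')
    fi
    [ -n "$v" ] || return 1
    printf '%s\n' "$v"
}

# fix_recorded_in_package_changelog: returns 0 if the installed glibc package's changelog
# mentions the CVE (RPM-based or Debian-based layouts assumed), 1 if not found or not
# checkable on this host.
fix_recorded_in_package_changelog() {
    if command -v rpm >/dev/null 2>&1; then
        rpm -q --changelog glibc 2>/dev/null | grep -q 'CVE-2015-7547' && return 0
    fi
    if [ -r /usr/share/doc/libc6/changelog.Debian.gz ]; then
        zcat /usr/share/doc/libc6/changelog.Debian.gz 2>/dev/null | grep -q 'CVE-2015-7547' && return 0
    fi
    return 1
}

# Report for the host this script runs on.
if ver=$(local_glibc_version); then
    printf 'glibc %s: in upstream-affected range: %s\n' "$ver" "$(glibc_in_affected_range "$ver")"
    if fix_recorded_in_package_changelog; then
        echo 'package changelog records CVE-2015-7547: fix appears to be installed'
    else
        echo 'no CVE-2015-7547 entry found in package changelog (absent, or not checkable here)'
    fi
else
    echo 'no glibc version found (not a glibc-based system?)'
fi
```

Even when both checks pass, the fix only protects processes started after the package was updated; on the Appliance that means checking after the post-update reboot, not immediately after applying the package.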