vulnerability

CentOS Linux: CVE-2017-12132: Moderate: glibc security, bug fix, and enhancement update (CESA-2018:0805)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:M/Au:N/C:N/I:P/A:N)	Aug 1, 2017	Aug 28, 2019	May 25, 2023

Severity

CVSS

(AV:N/AC:M/Au:N/C:N/I:P/A:N)

Published

Aug 1, 2017

Added

Aug 28, 2019

Modified

May 25, 2023

Description

The DNS stub resolver in the GNU C Library (aka glibc or libc6) before version 2.26, when EDNS support is enabled, will solicit large UDP responses from name servers, potentially simplifying off-path DNS spoofing attacks due to IP fragmentation.

Solutions

centos-upgrade-glibccentos-upgrade-glibc-commoncentos-upgrade-glibc-debuginfocentos-upgrade-glibc-debuginfo-commoncentos-upgrade-glibc-develcentos-upgrade-glibc-headerscentos-upgrade-glibc-staticcentos-upgrade-glibc-utilscentos-upgrade-nscd

References

BID-100598
NVD-CVE-2017-12132
REDHAT-RHSA-2018:0805

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today