A recently discovered vulnerability in glibc could allow an attacker to achieve remote code execution by making a victim perform a DNS lookup. The vulnerable code has apparently been around since 2008, and some PoCs are available.
Full remote code execution has been demonstrated by Google, despite the usual battery of post-exploitation mitigations like ASLR, NX, and so on. It is worth noting that many other programming languages and frameworks (Java, Python, and Ruby, among others) use the underlying libc functions to resolve domain names and are affected by this. Patch now.
Tags: glibc dns vulnerability
More from: dankaminsky.com