CVE-2015-7547
Title: F5 Big-Ip Application Security Manager RCE
Memory Corruption
Proof Of Concept
PoC Available for CVE-2015-7547
CWE Category
CWE-119
Published Date
Feb 18, 2016
Modified Date
May 06, 2026
Exploit Status
Available
Score
8.1
CVSS v3.0
Exploit Probability (EPSS)
93.91%
Vulnerability Summary
CVE-2015-7547: Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted DNS response that triggers a call to the getaddrinfo function with the AF_UNSPEC or AF_INET6 address family, related to performing "dual A/AAAA DNS queries" and the libnss_dns.so.2 NSS module.
Impacted Vendors
Reference Links
http://fortiguard.com/advisory/glibc-getaddrinfo-stack-overflow
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177404.html
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177412.html
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00037.html
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00038.html
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00039.html
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00042.html
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00043.html
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00044.html
http://marc.info/?l=bugtraq&m=145596041017029&w=2
http://marc.info/?l=bugtraq&m=145672440608228&w=2
http://marc.info/?l=bugtraq&m=145690841819314&w=2
http://marc.info/?l=bugtraq&m=145857691004892&w=2
http://marc.info/?l=bugtraq&m=146161017210491&w=2
http://packetstormsecurity.com/files/135802/glibc-getaddrinfo-Stack-Based-Buffer-Overflow.html
http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html
http://packetstormsecurity.com/files/164014/Moxa-Command-Injection-Cross-Site-Scripting-Vulnerable-Software.html
http://packetstormsecurity.com/files/167552/Nexans-FTTO-GigaSwitch-Outdated-Components-Hardcoded-Backdoor.html
http://rhn.redhat.com/errata/RHSA-2016-0175.html
http://rhn.redhat.com/errata/RHSA-2016-0176.html
http://rhn.redhat.com/errata/RHSA-2016-0225.html
http://rhn.redhat.com/errata/RHSA-2016-0277.html
http://seclists.org/fulldisclosure/2019/Sep/7
http://seclists.org/fulldisclosure/2021/Sep/0
http://seclists.org/fulldisclosure/2022/Jun/36
http://support.citrix.com/article/CTX206991
http://ubuntu.com/usn/usn-2900-1
http://www.debian.org/security/2016/dsa-3480
http://www.debian.org/security/2016/dsa-3481
http://www.fortiguard.com/advisory/glibc-getaddrinfo-stack-overflow
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160304-01-glibc-en
http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
http://www.securityfocus.com/bid/83265
http://www.securitytracker.com/id/1035020
http://www.vmware.com/security/advisories/VMSA-2016-0002.html
https://access.redhat.com/articles/2161461
https://blogs.sophos.com/2016/02/24/utm-up2date-9-355-released/
https://blogs.sophos.com/2016/02/29/utm-up2date-9-319-released/
https://bto.bluecoat.com/security-advisory/sa114
https://bugzilla.redhat.com/show_bug.cgi?id=1293532
https://googleonlinesecurity.blogspot.com/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html
https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05028479
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04989404
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05008367
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05053211
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05073516
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05098877
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05125672
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05128937
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05130958
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05140858
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05176716
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05212266
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05376917
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722
https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes
https://ics-cert.us-cert.gov/advisories/ICSA-16-103-01
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40161
https://kc.mcafee.com/corporate/index?page=content&id=SB10150
https://seclists.org/bugtraq/2019/Sep/7
https://security.gentoo.org/glsa/201602-02
https://security.netapp.com/advisory/ntap-20160217-0002/
https://sourceware.org/bugzilla/show_bug.cgi?id=18665
https://sourceware.org/ml/libc-alpha/2016-02/msg00416.html
https://support.f5.com/kb/en-us/solutions/public/k/47/sol47098834.html
https://support.lenovo.com/us/en/product_security/len_5450
https://www.arista.com/en/support/advisories-notices/security-advisories/1255-security-advisory-17
https://www.exploit-db.com/exploits/39454/
https://www.exploit-db.com/exploits/40339/
https://www.kb.cert.org/vuls/id/457759
https://www.tenable.com/security/research/tra-2017-08
http://fortiguard.com/advisory/glibc-getaddrinfo-stack-overflow
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177404.html
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177412.html
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00037.html
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00038.html
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00039.html
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00042.html
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00043.html
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00044.html
http://marc.info/?l=bugtraq&m=145596041017029&w=2
http://marc.info/?l=bugtraq&m=145672440608228&w=2
http://marc.info/?l=bugtraq&m=145690841819314&w=2
http://marc.info/?l=bugtraq&m=145857691004892&w=2
http://marc.info/?l=bugtraq&m=146161017210491&w=2
http://packetstormsecurity.com/files/135802/glibc-getaddrinfo-Stack-Based-Buffer-Overflow.html
http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html
http://packetstormsecurity.com/files/164014/Moxa-Command-Injection-Cross-Site-Scripting-Vulnerable-Software.html
http://packetstormsecurity.com/files/167552/Nexans-FTTO-GigaSwitch-Outdated-Components-Hardcoded-Backdoor.html
http://rhn.redhat.com/errata/RHSA-2016-0175.html
http://rhn.redhat.com/errata/RHSA-2016-0176.html
http://rhn.redhat.com/errata/RHSA-2016-0225.html
http://rhn.redhat.com/errata/RHSA-2016-0277.html
http://seclists.org/fulldisclosure/2019/Sep/7
http://seclists.org/fulldisclosure/2021/Sep/0
http://seclists.org/fulldisclosure/2022/Jun/36
http://support.citrix.com/article/CTX206991
http://ubuntu.com/usn/usn-2900-1
http://www.debian.org/security/2016/dsa-3480
http://www.debian.org/security/2016/dsa-3481
http://www.fortiguard.com/advisory/glibc-getaddrinfo-stack-overflow
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160304-01-glibc-en
http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
http://www.securityfocus.com/bid/83265
http://www.securitytracker.com/id/1035020
http://www.vmware.com/security/advisories/VMSA-2016-0002.html
https://access.redhat.com/articles/2161461
https://blogs.sophos.com/2016/02/24/utm-up2date-9-355-released/
https://blogs.sophos.com/2016/02/29/utm-up2date-9-319-released/
https://bto.bluecoat.com/security-advisory/sa114
https://bugzilla.redhat.com/show_bug.cgi?id=1293532
https://googleonlinesecurity.blogspot.com/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html
https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05028479
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04989404
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05008367
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05053211
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05073516
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05098877
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05125672
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05128937
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05130958
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05140858
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05176716
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05212266
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05376917
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722
https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes
https://ics-cert.us-cert.gov/advisories/ICSA-16-103-01
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40161
https://kc.mcafee.com/corporate/index?page=content&id=SB10150
https://seclists.org/bugtraq/2019/Sep/7
https://security.gentoo.org/glsa/201602-02
https://security.netapp.com/advisory/ntap-20160217-0002/
https://sourceware.org/bugzilla/show_bug.cgi?id=18665
https://sourceware.org/ml/libc-alpha/2016-02/msg00416.html
https://support.f5.com/kb/en-us/solutions/public/k/47/sol47098834.html
https://support.lenovo.com/us/en/product_security/len_5450
https://www.arista.com/en/support/advisories-notices/security-advisories/1255-security-advisory-17
https://www.exploit-db.com/exploits/39454/
https://www.exploit-db.com/exploits/40339/
https://www.kb.cert.org/vuls/id/457759
https://www.tenable.com/security/research/tra-2017-08
CVSS v3.0
Source Entity
[email protected]
Severity
HIGH
8.1
Attack Vector
NETWORK
Complexity
HIGH
Privileges
N/A
Interaction
NONE
Confidentiality
N/A
Integrity
N/A
Availability
N/A
Scope
UNCHANGED
RAW VECTOR
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVSS v2.0
Source Entity
[email protected]
Severity
MEDIUM
6.8
Access Vector
N/A
Authentication
N/A
RAW VECTOR
AV:N/AC:M/Au:N/C:P/I:P/A:P
Associated Attack Patterns (CAPEC)
Total: PatternsNo specific attack patterns mapped.
Likelihood
Severity
Page /
CVE-2015-7547 Exploits & PoCs (Proof Of Concept)
MODIFIED
Vulnerability data updated via NVD.
MODIFIED
Vulnerability data or affected products updated.
PUBLISHED
Vulnerability first announced in NVD.
Attack Vector Matrix
Access Vector
NETWORK
Complexity
HIGH
Privileges
N/A
Interaction
NONE
CVSS Vector String
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Stack
No specific products linked.