Capture of recently discovered glibc getaddrinfo() vulnerability

The folks at Google Security recently discovered a vulnerability in glibc’s getaddrinfo() library function that allows attackers to execute malicious code transmitted in oversized DNS replies. Scary stuff!

Luckily, there’s already a patch, and the developers generated some proof-of-concept code to demonstrate the vulnerability. We took that code and ran it against some of our own systems. You can see a packet capture of the whole thing here:

https://www.cloudshark.org/captures/0a13d445cb31

This is scary stuff - thanks Google!
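
To check your own captures for the oversized replies described above, here is a small detector, added as an example and not taken from the original post or from the glibc developers. The 2048-byte limit, the function names and the sample frames are assumptions constructed for illustration; it handles Ethernet/IPv4 only and does no IP defragmentation or TCP reassembly.

```python
import struct

LIMIT = 2048  # assumption: reply size above which glibc leaves its stack buffer; not stated on this page

def dns_reply_size(frame: bytes):
    """Return the DNS message size if frame is an IPv4 DNS reply from port 53, else None."""
    if len(frame) < 34 or frame[12:14] != b"\x08\x00":    # Ethernet II carrying IPv4 only
        return None
    l4 = 14 + (frame[14] & 0x0F) * 4                      # skip the IPv4 header (IHL words)
    proto = frame[23]
    if proto == 17 and len(frame) >= l4 + 8:              # UDP: size from the UDP length field
        sport, _dport, ulen = struct.unpack_from("!HHH", frame, l4)
        dns, size = frame[l4 + 8:], ulen - 8
    elif proto == 6 and len(frame) >= l4 + 20:            # TCP: 2-byte length prefix
        sport = struct.unpack_from("!H", frame, l4)[0]
        body = frame[l4 + (frame[l4 + 12] >> 4) * 4:]
        if len(body) < 2:
            return None
        size, dns = struct.unpack_from("!H", body)[0], body[2:]
    else:
        return None
    if sport != 53 or len(dns) < 3 or not dns[2] & 0x80:  # QR bit set means response
        return None
    return size

def flag_oversized(frames, limit=LIMIT):
    """Return (index, size) for every DNS reply larger than limit bytes."""
    hits = []
    for i, frame in enumerate(frames):
        size = dns_reply_size(frame)
        if size is not None and size > limit:
            hits.append((i, size))
    return hits

def build_frame(proto, sport, dns_len, response=True):
    """Constructed test frame: zeroed addresses and checksums, DNS id and flags only."""
    dns = (b"\x12\x34" + (b"\x81\x80" if response else b"\x01\x00")).ljust(dns_len, b"\x00")
    if proto == 17:
        l4 = struct.pack("!HHHH", sport, 40000, 8 + len(dns), 0) + dns
    else:
        tcp = struct.pack("!HHIIBBHHH", sport, 40000, 0, 0, 5 << 4, 0x18, 65535, 0, 0)
        l4 = tcp + struct.pack("!H", len(dns)) + dns
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 0, 0, 64, proto, 0, bytes(4), bytes(4))
    return bytes(12) + b"\x08\x00" + ip + l4

# Constructed sample: small reply, oversized UDP reply, oversized TCP reply, a query, non-DNS port.
SAMPLE = [build_frame(17, 53, 120), build_frame(17, 53, 2500), build_frame(6, 53, 3000),
          build_frame(17, 53, 2500, response=False), build_frame(17, 5353, 2500)]

if __name__ == "__main__":
    print(flag_oversized(SAMPLE))
```

Feed it the raw Ethernet frames from a capture (for example, read with a pcap library of your choice) and review any hit that comes from a resolver you do not control.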
