A vulnerability has been discovered via a stack-based buffer overflow
that was found when libresolv libraries perform dual A/AAAA DNS
queries. This could, potentially, allow a remote attacker to create a
specially crafted DNS response, gaining permissions of the account owner
and enabling them to execute malicious code. The potential exploit of
the GNU C Library (glibc) was recently discovered.
TechnicalRx repositories have been updated and managed servers
will get an automatic update that patches this vulnerability. A reboot will still be required in those
cases in order to ensure all potential threats have been neutralized. In order to ensure the peak
security of our customers, we will be proactively patching and initiating reboots on February 18th (2016) at 10:00PM (EST) for all servers.
The actions we’re taking should ensure that all managed servers are
patched. In these cases, no customer action should be required.
If you have any additional questions, please do not hesitate to contact
us via telephone at (954)-800-3307 or by email at