LANDESK is aware of the vulnerability inside of glibc which is currently used by our cloud service appliance(CSA). CSA 4.3 patch 176 will resolve this as it has an updated glibc package which corrects this vulnerability. To update your CSA please see this page : How To: Download and Patch the Cloud Service Appliance ( CSA ) version 4.3/4.4 manually
What is this vulnerability?
Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted DNS response that triggers a call to the getaddrinfo function with the AF_UNSPEC or AF_INET6 address family, related to performing "dual A/AAAA DNS queries" and the libnss_dns.so.2 NSS module.
For more information please see CVE -CVE-2015-7547
For more information see also Google Online Security Blog: CVE-2015-7547: glibc getaddrinfo stack-based buffer overflow
LANDESK Cloud Services Appliance version 4.3 with patch level of 175 or lower