Glibc getaddrinfo() stack-overflow Fortinet PSIRT Advisories Fortinet PSIRT Contact: Website: https://fortiguard.fortinet.com/faq/psirt-contact FG-IR-16-002 Final 1 1 2016-02-25T00:00:00 Current version 2016-02-25T00:00:00 2016-02-25T00:00:00 Since glibc 2.9, the glibc DNS client side resolver is vulnerable to a stack-based buffer overflow when the getaddrinfo() library function is used. Software using this function may be exploited with attacker-controlled domain names, attacker-controlled DNS servers, or through a man-in-the-middle attack. The following products are confirmed to be not affected: FortiOS FortiSwitch FortiAnalyzer FortiManager FortiMail Fortibridge FortiAuthenticator Meru FortiMom FortiDirector FortiPrivateCloud FortiCache FortiClient FortiRecorder FortiCore Other products are in the course of being investigated. N/A CVE-2015-7547 https://fortiguard.fortinet.com/psirt/FG-IR-16-002 Glibc getaddrinfo() stack-overflow Reference>