Company

About Us

eSentire is The Authority in Managed Detection and Response Services, protecting the critical data and applications of 1000+ organizations in 70+ countries from known and unknown cyber threats. Founded in 2001, the company’s mission is to hunt, investigate and stop cyber threats before they become business disrupting events.

Read about how we got here

Leadership Work at eSentire

Dec

Automating Threat Detection and Response with Microsoft Azure Sentinel

Join Kurtis Armour, Director, Product Management for a briefing with Cloud…

Dec

Axe Throwing with eSentire

Join eSentire for an evening of axe throwing at Bury the Hatchet in New…

Dec

Digital Best Practice Exchange Series: Banking & Finance - Modernizing IAM

Join eSentire in the November Banking and Finance Digital Best Practice…

View Event Calendar →

Oct 28, 2021

Telarus and eSentire Expand Partnership to Safeguard Enterprises Globally Against Business Disrupting Ransomware and Zero-Day Attacks

London, UK and Sydney, Australia– Oct. 28, 2021 - eSentire, recognized globally as the Authority in Managed Detection and Response (MDR), today announces the expansion of its partnership with Telarus, the largest privately-held distributor of business cloud infrastructure and contact centre services. Building on their mutual success across North America, Telarus will bring eSentire’s Managed…
Read More

View Newsroom →

Partners

Our award-winning partner program offers financial rewards, sales and marketing tools and personalized training. Accelerate your business and grow your revenue by offering our world-class Managed Detection and Response (MDR) services.

Learn about our Partner Program

Malicious Activity Assessment

A 45 day of continuous network visibility assessment and cybersecurity scorecard.

Multi-Tenant Sensor (MTS)

MTS protects your customers’ networks 24/7 from today’s evolving threat landscape.

Apply today to partner with the Authority in Managed Detection and Response.

Become a Partner →

Partner Login →

Speak With A Security Expert Now

Please be advised that a very serious vulnerability was recently announced to the way many versions of the Linux operating system handle DNS resolution. This vulnerability affects a variety of Linux servers and Linux-based appliances. In order to help our customers address this threat we have outlined the vector and mitigation methods applicable to this vulnerability below.

What We Know

What is CVE-2015-7547:

CVE-2015-7547 is a “buffer overflow” bug affecting the getaddrinfo() function calls in the glibc library
Earliest vulnerable glibc version: glibc-2.9 (released in May 2008)
The getaddrinfo() function calls are used for DNS resolution. To exploit this vulnerability, an attacker must trigger a buffer overflow by supplying specially crafted DNS responses to an application that performs DNS lookups
Many common Linux programs and commands like sudo, ssh, Python, mail servers, curl, and anything else that performs DNS lookups are potential targets for exploitation
A proof of concept exploit that allows remote code execution leveraging this vulnerability has been reported, although not publicly released
It has not yet been confirmed whether it is possible to craft correctly formed DNS responses that will trigger this vulnerability and penetrate through a DNS caching name server, thus allowing attackers to exploit victims who would otherwise be protected against such attacks
Although the vulnerability has some similarities to the GHOST vulnerability (CVE-2015-0235) announced last year, its implications are more serious and it needs to be addressed with a higher degree of urgency

Who is affected:

All versions of the Linux operating system running a vulnerable version of the GNU libc library (versions 2.9 through 2.22 are vulnerable). This includes:
- Debian (squeeze and later)
- Ubuntu (12.04 LTS and newer)
- RHEL 6/7
- SUSE 11
- Appliances running Linux-based firmware may also be vulnerable (an ongoing list of affected devices is being compiled here: https://www.reddit.com/r/networking/comments/46jfjf/cve20157547_mega_thread/)

Protection

eSentire protection:

Based on a recently released proof-of-concept exploit, eSentire has updated Network Interceptor™ signatures to detect attempts to exploit this vulnerability
In light of the seriousness of this vulnerability, we recommend that you immediately apply the appropriate security updates on all vulnerable Linux hosts
For firmware-based appliances, please consult your vendors for the latest vulnerability information and patches

ESENTIRE SERVICES

Managed Risk Programs →

Managed Detection & Response →

Digital Forensics & Incident Response →

ESENTIRE PLATFORM

Atlas Extended Detection & Response (XDR) →

ESENTIRE PEOPLE

Team eSentire

Security Operations Center (SOC)

Threat Response Unit

ESENTIRE MDR FOR MICROSOFT

Visibility and Response Across Your Entire Microsoft Security Ecosystem

Network

Endpoint

Log

Cloud

Insider Threat

Case Studies

White Papers

Reports

Webinars

Data Sheets

Resources

Security advisories — Feb 26, 2019

glibc getaddrinfo() Vulnerability (CVE-2015-7547)

What We Know

What is CVE-2015-7547:

Who is affected:

Protection

eSentire protection:

Resources

Sales and Customer Support

What we do

How we do it

Resources

Company

The Authority in Managed Detection and Response.