Company

About Us

eSentire is The Authority in Managed Detection and Response Services, protecting the critical data and applications of 1000+ organizations in 70+ countries from known and unknown cyber threats. Founded in 2001, the company’s mission is to hunt, investigate and stop cyber threats before they become business disrupting events.

Read about how we got here

Leadership Work at eSentire

Jul

Kaseya attack shows how third-party software is the perfect delivery method for ransomware

Jul

Kaseya Breach Shakes Faith in ITSM Platforms

Jul

Supply-chain attack on Kaseya remote management software targets MSPs

View Newsroom →

Jul 12, 2021

Tecala and eSentire Partner to Protect Enterprises across APAC from Business-Disrupting Cyber Attacks

Sydney, 12 July, 2021 - Tecala, Australia’s award-winning technology services and IT consulting provider, today announced it has chosen eSentire, the global Authority in Managed Detection and Response (MDR) cybersecurity services, as their exclusive MDR solution provider in Australia and New Zealand. This partnership will enable Tecala to augment its cybersecurity practice and offer enterprises…
Read More

View Press Releases →

Partners

Our award-winning partner program offers financial rewards, sales and marketing tools and personalized training. Accelerate your business and grow your revenue by offering our world-class Managed Detection and Response (MDR) services.

Learn about our Partner Program

Malicious Activity Assessment

A 45 day of continuous network visibility assessment and cybersecurity scorecard.

Rapid Assist

A powerful post-breach tool that augments network and endpoint data collection.

Multi-Tenant Sensor (MTS)

MTS protects your customers’ networks 24/7 from today’s evolving threat landscape.

Apply today to partner with the Authority in Managed Detection and Response.

Become a Partner →

Partner Login →

Please be advised that a very serious vulnerability was recently announced to the way many versions of the Linux operating system handle DNS resolution. This vulnerability affects a variety of Linux servers and Linux-based appliances. In order to help our customers address this threat we have outlined the vector and mitigation methods applicable to this vulnerability below.

What We Know

What is CVE-2015-7547:

CVE-2015-7547 is a “buffer overflow” bug affecting the getaddrinfo() function calls in the glibc library
Earliest vulnerable glibc version: glibc-2.9 (released in May 2008)
The getaddrinfo() function calls are used for DNS resolution. To exploit this vulnerability, an attacker must trigger a buffer overflow by supplying specially crafted DNS responses to an application that performs DNS lookups
Many common Linux programs and commands like sudo, ssh, Python, mail servers, curl, and anything else that performs DNS lookups are potential targets for exploitation
A proof of concept exploit that allows remote code execution leveraging this vulnerability has been reported, although not publicly released
It has not yet been confirmed whether it is possible to craft correctly formed DNS responses that will trigger this vulnerability and penetrate through a DNS caching name server, thus allowing attackers to exploit victims who would otherwise be protected against such attacks
Although the vulnerability has some similarities to the GHOST vulnerability (CVE-2015-0235) announced last year, its implications are more serious and it needs to be addressed with a higher degree of urgency

Who is affected:

All versions of the Linux operating system running a vulnerable version of the GNU libc library (versions 2.9 through 2.22 are vulnerable). This includes:
- Debian (squeeze and later)
- Ubuntu (12.04 LTS and newer)
- RHEL 6/7
- SUSE 11
- Appliances running Linux-based firmware may also be vulnerable (an ongoing list of affected devices is being compiled here: https://www.reddit.com/r/networking/comments/46jfjf/cve20157547_mega_thread/)

Protection

eSentire protection:

Based on a recently released proof-of-concept exploit, eSentire has updated Network Interceptor™ signatures to detect attempts to exploit this vulnerability
In light of the seriousness of this vulnerability, we recommend that you immediately apply the appropriate security updates on all vulnerable Linux hosts
For firmware-based appliances, please consult your vendors for the latest vulnerability information and patches

ESENTIRE SERVICES

Managed Risk Programs →

Managed Detection & Response →

Digital Forensics & Incident Response →

ESENTIRE PLATFORM

Atlas Extended Detection & Response (XDR) →

ESENTIRE PEOPLE

Team eSentire

Security Operations Center (SOC)

Threat Response Unit

ESENTIRE INCIDENT RESPONSE

Are you experiencing a security incident or have you been breached?

CALL US NOW

Network

Endpoint

Log

Cloud

Insider Threat

Case Studies

White Papers

Reports

Webinars

Data Sheets

Resources

Security advisories — Feb 26, 2019

glibc getaddrinfo() Vulnerability (CVE-2015-7547)

What We Know

What is CVE-2015-7547:

Who is affected:

Protection

eSentire protection:

Resources

Sales and Customer Support

What we do

How we do it

Resources

Company

The Authority in Managed Detection and Response.