Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
amazonAmazonALAS-2016-639
HistoryJan 18, 2016 - 11:00 a.m.

Low: grep

2016-01-1811:00:00
alas.aws.amazon.com
13

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

0.0004 Low

EPSS

Percentile

5.1%

JSON

Issue Overview:

A heap-based buffer overflow flaw was found in the way grep processed certain pattern and text combinations. An attacker able to trick a user into running grep on specially crafted input could use this flaw to crash grep or, potentially, read from uninitialized memory.

Affected Packages:

grep

Issue Correction:
Run yum update grep to update your system.

New Packages:

i686:  
    grep-debuginfo-2.20-1.16.amzn1.i686  
    grep-2.20-1.16.amzn1.i686  
  
src:  
    grep-2.20-1.16.amzn1.src  
  
x86_64:  
    grep-debuginfo-2.20-1.16.amzn1.x86_64  
    grep-2.20-1.16.amzn1.x86_64

Additional References

Red Hat: CVE-2015-1345

Mitre: CVE-2015-1345

Related

nessus 13
ibm 4
nvd 1
debiancve 1
openvas 7
f5 1
archlinux 1
centos 2
ubuntucve 1
prion 1
cvelist 1
redhat 2
cve 1
gentoo 1
oraclelinux 2
veracode 1
amazon 1
nessus
nessus
CentOS 7 : grep (CESA-2015:2111)
2015-12-02 00:00:00
GLSA-201502-14 : grep: Denial of Service
2015-02-26 00:00:00
Amazon Linux AMI : grep (ALAS-2016-639)
2016-01-19 00:00:00
ibm
ibm
Security Bulletin: Vulnerability in GNU Grep affects PowerKVM (CVE-2015-1345)
2018-06-18 01:30:37
Security Bulletin: Vulnerabilities in GNU grep utility affect IBM Security Network Protection (CVE-2012-5667, and CVE-2015-1345)
2018-06-16 21:38:15
Security Bulletin: Multiple vulnerabilities in GNU grep affect IBM SmartCloud Provisioning for IBM Software Virtual Appliance (CVE-2015-1345, CVE-2012-5667)
2018-06-17 22:32:53
nvd
nvd
CVE-2015-1345
2015-02-12 16:59:03
debiancve
debiancve
CVE-2015-1345
2015-02-12 16:59:03
openvas
openvas
Oracle: Security Advisory (ELSA-2015-2111)
2015-11-24 00:00:00
Gentoo Security Advisory GLSA 201502-14
2015-09-29 00:00:00
Amazon Linux: Security Advisory (ALAS-2016-639)
2016-01-20 00:00:00
f5
f5
K42891424 : Grep vulnerability CVE-2015-1345
2017-06-29 00:00:00
archlinux
archlinux
grep: denial of service
2015-03-05 00:00:00
centos
centos
grep security update
2015-11-30 19:32:57
grep security update
2015-07-26 14:11:37
ubuntucve
ubuntucve
CVE-2015-1345
2015-02-12 00:00:00
prion
prion
Out-of-bounds
2015-02-12 16:59:00
cvelist
cvelist
CVE-2015-1345
2015-02-12 16:00:00
redhat
redhat
(RHSA-2015:2111) Low: grep security and bug fix update
2015-11-19 14:39:52
(RHSA-2015:1447) Low: grep security, bug fix, and enhancement update
2015-07-22 00:00:00
cve
cve
CVE-2015-1345
2015-02-12 16:59:03
gentoo
gentoo
grep: Denial of service
2015-02-25 00:00:00
oraclelinux
oraclelinux
grep security and bug fix update
2015-11-23 00:00:00
grep security, bug fix, and enhancement update
2015-07-28 00:00:00
veracode
veracode
Denial Of Service (DoS) Through Heap Out-of-Bounds (OOB) Read
2019-05-02 05:41:03
amazon
amazon
Low: grep
2015-09-22 10:00:00

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

0.0004 Low

EPSS

Percentile

5.1%

JSON
Related for ALAS-2016-639
nessus13ibm4nvd1debiancve1openvas7f51archlinux1centos2ubuntucve1prion1cvelist1redhat2cve1gentoo1oraclelinux2veracode1amazon1