ID DEBIAN:DLA-97-1:B684D Type debian Reporter Debian Modified 2014-11-29T19:00:34
Description
Package : eglibc
Version : 2.11.3-4+deb6u2
CVE ID : CVE-2012-6656 CVE-2014-6040 CVE-2014-7817
CVE-2012-6656
Fix validation check when converting from ibm930 to utf.
When converting IBM930 code with iconv(), if IBM930 code which
includes invalid multibyte character "0xffff" is specified, then
iconv() segfaults.
CVE-2014-6040
Crashes on invalid input in IBM gconv modules [BZ #17325]
These changes are based on the fix for BZ #14134 in commit
6e230d11837f3ae7b375ea69d7905f0d18eb79e5.
CVE-2014-7817
The function wordexp() fails to properly handle the WRDE_NOCMD
flag when processing arithmetic inputs in the form of "$((... ``))"
where "..." can be anything valid. The backticks in the arithmetic
epxression are evaluated by in a shell even if WRDE_NOCMD forbade
command substitution. This allows an attacker to attempt to pass
dangerous commands via constructs of the above form, and bypass
the WRDE_NOCMD flag. This patch fixes this by checking for WRDE_NOCMD
in exec_comm(), the only place that can execute a shell. All other
checks for WRDE_NOCMD are superfluous and removed.
{"id": "DEBIAN:DLA-97-1:B684D", "bulletinFamily": "unix", "title": "[SECURITY] [DLA 97-1] eglibc security update", "description": "Package : eglibc\nVersion : 2.11.3-4+deb6u2\nCVE ID : CVE-2012-6656 CVE-2014-6040 CVE-2014-7817\n\nCVE-2012-6656\n\n Fix validation check when converting from ibm930 to utf.\n When converting IBM930 code with iconv(), if IBM930 code which\n includes invalid multibyte character "0xffff" is specified, then\n iconv() segfaults.\n\nCVE-2014-6040\n\n Crashes on invalid input in IBM gconv modules [BZ #17325]\n These changes are based on the fix for BZ #14134 in commit\n 6e230d11837f3ae7b375ea69d7905f0d18eb79e5.\n\nCVE-2014-7817\n\n The function wordexp() fails to properly handle the WRDE_NOCMD\n flag when processing arithmetic inputs in the form of "$((... ``))"\n where "..." can be anything valid. The backticks in the arithmetic\n epxression are evaluated by in a shell even if WRDE_NOCMD forbade\n command substitution. This allows an attacker to attempt to pass\n dangerous commands via constructs of the above form, and bypass\n the WRDE_NOCMD flag. This patch fixes this by checking for WRDE_NOCMD\n in exec_comm(), the only place that can execute a shell. All other\n checks for WRDE_NOCMD are superfluous and removed.\n\n", "published": "2014-11-29T19:00:34", "modified": "2014-11-29T19:00:34", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "href": "https://lists.debian.org/debian-lts-announce/2014/debian-lts-announce-201411/msg00015.html", "reporter": "Debian", "references": [], "cvelist": ["CVE-2014-6040", "CVE-2014-7817", "CVE-2012-6656"], "type": "debian", "lastseen": "2020-11-11T13:21:25", "edition": 7, "viewCount": 1, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2014-6040", "CVE-2012-6656", "CVE-2014-7817"]}, {"type": "nessus", "idList": ["ORACLELINUX_ELSA-2015-0016.NASL", "FEDORA_2015-2845.NASL", "ORACLEVM_OVMSA-2015-0003.NASL", "DEBIAN_DLA-97.NASL", "SL_20150107_GLIBC_ON_SL6_X.NASL", "ALA_ALAS-2015-468.NASL", "REDHAT-RHSA-2015-0016.NASL", "UBUNTU_USN-2432-1.NASL", "CENTOS_RHSA-2015-0016.NASL", "DEBIAN_DSA-3142.NASL"]}, {"type": "ubuntu", "idList": ["USN-2432-1"]}, {"type": "f5", "idList": ["SOL16342", "F5:K16010", "SOL16435", "SOL16010"]}, {"type": "debian", "idList": ["DEBIAN:DSA-3142-1:A3964"]}, {"type": "openvas", "idList": ["OPENVAS:703142", "OPENVAS:1361412562310105372", "OPENVAS:1361412562310869060", "OPENVAS:1361412562310871301", "OPENVAS:1361412562310703142", "OPENVAS:1361412562310882090", "OPENVAS:1361412562310851101", "OPENVAS:1361412562310123206", "OPENVAS:1361412562310120455", "OPENVAS:1361412562310123217"]}, {"type": "centos", "idList": ["CESA-2014:2023", "CESA-2015:0016", "CESA-2015:0327"]}, {"type": "oraclelinux", "idList": ["ELSA-2015-0327", "ELSA-2014-2023", "ELSA-2015-0092", "ELSA-2015-0016"]}, {"type": "amazon", "idList": ["ALAS-2015-495", "ALAS-2015-468"]}, {"type": "redhat", "idList": ["RHSA-2015:0016", "RHSA-2015:0327", "RHSA-2014:2023"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:31404", "SECURITYVULNS:VULN:13947", "SECURITYVULNS:VULN:14108"]}, {"type": "fedora", "idList": ["FEDORA:B3F8860918D2", "FEDORA:D6230604AFE5"]}, {"type": "suse", "idList": ["SUSE-SU-2014:1129-1", "SUSE-SU-2014:1128-1", "OPENSUSE-SU-2014:1115-1"]}, {"type": "archlinux", "idList": ["ASA-201411-27"]}, {"type": "gentoo", "idList": ["GLSA-201503-04", "GLSA-201602-02"]}, {"type": "slackware", "idList": ["SSA-2014-296-01"]}, {"type": "oracle", "idList": ["ORACLE:CPUOCT2018-4428296", "ORACLE:CPUOCT2018", "ORACLE:CPUJAN2018", "ORACLE:CPUJAN2018-3236628"]}], "modified": "2020-11-11T13:21:25", "rev": 2}, "score": {"value": 7.8, "vector": "NONE", "modified": "2020-11-11T13:21:25", "rev": 2}, "vulnersScore": 7.8}, "affectedPackage": [{"OS": "Debian", "OSVersion": "6", "arch": "all", "operator": "lt", "packageFilename": "eglibc_2.11.3-4+deb6u2_all.deb", "packageName": "eglibc", "packageVersion": "2.11.3-4+deb6u2"}], "scheme": null}
{"cve": [{"lastseen": "2020-12-09T19:47:27", "description": "iconvdata/ibm930.c in GNU C Library (aka glibc) before 2.16 allows context-dependent attackers to cause a denial of service (out-of-bounds read) via a multibyte character value of \"0xffff\" to the iconv function when converting IBM930 encoded data to UTF-8.", "edition": 5, "cvss3": {}, "published": "2014-12-05T16:59:00", "title": "CVE-2012-6656", "type": "cve", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-6656"], "modified": "2017-07-01T01:29:00", "cpe": ["cpe:/a:gnu:glibc:2.16", "cpe:/o:canonical:ubuntu_linux:12.04", "cpe:/o:canonical:ubuntu_linux:14.10", "cpe:/o:canonical:ubuntu_linux:10.04", "cpe:/o:debian:debian_linux:7.0", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "CVE-2012-6656", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-6656", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:gnu:glibc:2.16:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"]}, {"lastseen": "2020-10-03T12:01:21", "description": "The wordexp function in GNU C Library (aka glibc) 2.21 does not enforce the WRDE_NOCMD flag, which allows context-dependent attackers to execute arbitrary commands, as demonstrated by input containing \"$((`...`))\".", "edition": 3, "cvss3": {}, "published": "2014-11-24T15:59:00", "title": "CVE-2014-7817", "type": "cve", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-7817"], "modified": "2018-10-30T16:27:00", "cpe": ["cpe:/o:opensuse:opensuse:13.1", "cpe:/o:canonical:ubuntu_linux:12.04", "cpe:/o:opensuse:opensuse:13.2", "cpe:/o:canonical:ubuntu_linux:14.10", "cpe:/o:canonical:ubuntu_linux:10.04", "cpe:/a:gnu:glibc:2.21", "cpe:/o:debian:debian_linux:7.0", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "CVE-2014-7817", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7817", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.21:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*", "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"]}, {"lastseen": "2020-12-09T19:58:26", "description": "GNU C Library (aka glibc) before 2.20 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via a multibyte character value of \"0xffff\" to the iconv function when converting (1) IBM933, (2) IBM935, (3) IBM937, (4) IBM939, or (5) IBM1364 encoded data to UTF-8.", "edition": 5, "cvss3": {}, "published": "2014-12-05T16:59:00", "title": "CVE-2014-6040", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-6040"], "modified": "2017-01-03T02:59:00", "cpe": ["cpe:/a:gnu:glibc:2.12.1", "cpe:/a:gnu:glibc:2.1.3", "cpe:/a:gnu:glibc:2.17", "cpe:/a:gnu:glibc:2.12.2", "cpe:/a:gnu:glibc:2.1.1", "cpe:/a:gnu:glibc:2.19", "cpe:/a:gnu:glibc:2.11.3", "cpe:/a:gnu:glibc:2.0.3", "cpe:/a:gnu:glibc:2.15", "cpe:/a:gnu:glibc:2.16", "cpe:/a:gnu:glibc:2.1.2", "cpe:/a:gnu:glibc:2.1.1.6", "cpe:/a:gnu:glibc:2.12", "cpe:/a:gnu:glibc:2.11", "cpe:/a:gnu:glibc:2.14", "cpe:/a:gnu:glibc:2.0", "cpe:/a:gnu:glibc:2.11.1", "cpe:/a:gnu:glibc:2.13", "cpe:/a:gnu:glibc:2.18", "cpe:/a:gnu:glibc:2.0.2", "cpe:/a:gnu:glibc:2.10.1", "cpe:/a:gnu:glibc:2.0.4", "cpe:/a:gnu:glibc:2.1", "cpe:/a:gnu:glibc:2.0.6", "cpe:/a:gnu:glibc:2.0.5", "cpe:/a:gnu:glibc:2.11.2", "cpe:/a:gnu:glibc:2.0.1", "cpe:/a:gnu:glibc:2.1.9", "cpe:/a:gnu:glibc:2.14.1"], "id": "CVE-2014-6040", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6040", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:gnu:glibc:2.18:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.14.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.10.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.17:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.14:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.11.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.13:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.12.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.16:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.19:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.0:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.1.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.11.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.15:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.12:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.12.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.11.3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.1.9:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.11:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.1.2:*:*:*:*:*:*:*"]}], "ubuntu": [{"lastseen": "2020-07-02T11:39:57", "bulletinFamily": "unix", "cvelist": ["CVE-2014-6040", "CVE-2014-7817", "CVE-2012-6656"], "description": "Siddhesh Poyarekar discovered that the GNU C Library incorrectly handled \ncertain multibyte characters when using the iconv function. An attacker \ncould possibly use this issue to cause applications to crash, resulting in \na denial of service. This issue only affected Ubuntu 10.04 LTS and Ubuntu \n12.04 LTS. (CVE-2012-6656)\n\nAdhemerval Zanella Netto discovered that the GNU C Library incorrectly \nhandled certain multibyte characters when using the iconv function. An \nattacker could possibly use this issue to cause applications to crash, \nresulting in a denial of service. (CVE-2014-6040)\n\nTim Waugh discovered that the GNU C Library incorrectly enforced the \nWRDE_NOCMD flag when handling the wordexp function. An attacker could \npossibly use this issue to execute arbitrary commands. (CVE-2014-7817)", "edition": 5, "modified": "2014-12-03T00:00:00", "published": "2014-12-03T00:00:00", "id": "USN-2432-1", "href": "https://ubuntu.com/security/notices/USN-2432-1", "title": "GNU C Library vulnerabilities", "type": "ubuntu", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "nessus": [{"lastseen": "2021-01-12T09:44:31", "description": "CVE-2012-6656\n\nFix validation check when converting from ibm930 to utf. When\nconverting IBM930 code with iconv(), if IBM930 code which includes\ninvalid multibyte character '0xffff' is specified, then iconv()\nsegfaults.\n\nCVE-2014-6040\n\nCrashes on invalid input in IBM gconv modules [BZ #17325] These\nchanges are based on the fix for BZ #14134 in commit\n6e230d11837f3ae7b375ea69d7905f0d18eb79e5.\n\nCVE-2014-7817\n\nThe function wordexp() fails to properly handle the WRDE_NOCMD flag\nwhen processing arithmetic inputs in the form of '$((... ``))' where\n'...' can be anything valid. The backticks in the arithmetic\nepxression are evaluated by in a shell even if WRDE_NOCMD forbade\ncommand substitution. This allows an attacker to attempt to pass\ndangerous commands via constructs of the above form, and bypass the\nWRDE_NOCMD flag. This patch fixes this by checking for WRDE_NOCMD in\nexec_comm(), the only place that can execute a shell. All other checks\nfor WRDE_NOCMD are superfluous and removed.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.", "edition": 15, "published": "2015-03-26T00:00:00", "title": "Debian DLA-97-1 : eglibc security update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-6040", "CVE-2014-7817", "CVE-2012-6656"], "modified": "2015-03-26T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:6.0", "p-cpe:/a:debian:debian_linux:libc6-udeb", "p-cpe:/a:debian:debian_linux:libc6-i386", "p-cpe:/a:debian:debian_linux:libc6-dev", "p-cpe:/a:debian:debian_linux:locales", "p-cpe:/a:debian:debian_linux:libc6-amd64", "p-cpe:/a:debian:debian_linux:libc6-xen", "p-cpe:/a:debian:debian_linux:libc6-dbg", "p-cpe:/a:debian:debian_linux:libc-bin", "p-cpe:/a:debian:debian_linux:libc6-prof", "p-cpe:/a:debian:debian_linux:libc6", "p-cpe:/a:debian:debian_linux:glibc-doc", "p-cpe:/a:debian:debian_linux:nscd", "p-cpe:/a:debian:debian_linux:libc6-i686", "p-cpe:/a:debian:debian_linux:eglibc-source", "p-cpe:/a:debian:debian_linux:libnss-dns-udeb", "p-cpe:/a:debian:debian_linux:libnss-files-udeb", "p-cpe:/a:debian:debian_linux:libc6-dev-amd64", "p-cpe:/a:debian:debian_linux:libc-dev-bin", "p-cpe:/a:debian:debian_linux:locales-all", "p-cpe:/a:debian:debian_linux:libc6-pic", "p-cpe:/a:debian:debian_linux:libc6-dev-i386"], "id": "DEBIAN_DLA-97.NASL", "href": "https://www.tenable.com/plugins/nessus/82242", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-97-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(82242);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-6656\", \"CVE-2014-6040\", \"CVE-2014-7817\");\n script_bugtraq_id(69470, 69472, 71216);\n\n script_name(english:\"Debian DLA-97-1 : eglibc security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"CVE-2012-6656\n\nFix validation check when converting from ibm930 to utf. When\nconverting IBM930 code with iconv(), if IBM930 code which includes\ninvalid multibyte character '0xffff' is specified, then iconv()\nsegfaults.\n\nCVE-2014-6040\n\nCrashes on invalid input in IBM gconv modules [BZ #17325] These\nchanges are based on the fix for BZ #14134 in commit\n6e230d11837f3ae7b375ea69d7905f0d18eb79e5.\n\nCVE-2014-7817\n\nThe function wordexp() fails to properly handle the WRDE_NOCMD flag\nwhen processing arithmetic inputs in the form of '$((... ``))' where\n'...' can be anything valid. The backticks in the arithmetic\nepxression are evaluated by in a shell even if WRDE_NOCMD forbade\ncommand substitution. This allows an attacker to attempt to pass\ndangerous commands via constructs of the above form, and bypass the\nWRDE_NOCMD flag. This patch fixes this by checking for WRDE_NOCMD in\nexec_comm(), the only place that can execute a shell. All other checks\nfor WRDE_NOCMD are superfluous and removed.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2014/11/msg00015.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze-lts/eglibc\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:eglibc-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:glibc-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libc-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libc-dev-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libc6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libc6-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libc6-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libc6-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libc6-dev-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libc6-dev-i386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libc6-i386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libc6-i686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libc6-pic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libc6-prof\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libc6-udeb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libc6-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libnss-dns-udeb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libnss-files-udeb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:locales\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:locales-all\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nscd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/11/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/03/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"eglibc-source\", reference:\"2.11.3-4+deb6u2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"glibc-doc\", reference:\"2.11.3-4+deb6u2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libc-bin\", reference:\"2.11.3-4+deb6u2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libc-dev-bin\", reference:\"2.11.3-4+deb6u2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libc6\", reference:\"2.11.3-4+deb6u2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libc6-amd64\", reference:\"2.11.3-4+deb6u2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libc6-dbg\", reference:\"2.11.3-4+deb6u2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libc6-dev\", reference:\"2.11.3-4+deb6u2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libc6-dev-amd64\", reference:\"2.11.3-4+deb6u2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libc6-dev-i386\", reference:\"2.11.3-4+deb6u2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libc6-i386\", reference:\"2.11.3-4+deb6u2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libc6-i686\", reference:\"2.11.3-4+deb6u2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libc6-pic\", reference:\"2.11.3-4+deb6u2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libc6-prof\", reference:\"2.11.3-4+deb6u2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libc6-udeb\", reference:\"2.11.3-4+deb6u2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libc6-xen\", reference:\"2.11.3-4+deb6u2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libnss-dns-udeb\", reference:\"2.11.3-4+deb6u2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libnss-files-udeb\", reference:\"2.11.3-4+deb6u2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"locales\", reference:\"2.11.3-4+deb6u2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"locales-all\", reference:\"2.11.3-4+deb6u2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"nscd\", reference:\"2.11.3-4+deb6u2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-09-23T18:54:50", "description": "Siddhesh Poyarekar discovered that the GNU C Library incorrectly\nhandled certain multibyte characters when using the iconv function. An\nattacker could possibly use this issue to cause applications to crash,\nresulting in a denial of service. This issue only affected Ubuntu\n10.04 LTS and Ubuntu 12.04 LTS. (CVE-2012-6656)\n\nAdhemerval Zanella Netto discovered that the GNU C Library incorrectly\nhandled certain multibyte characters when using the iconv function. An\nattacker could possibly use this issue to cause applications to crash,\nresulting in a denial of service. (CVE-2014-6040)\n\nTim Waugh discovered that the GNU C Library incorrectly enforced the\nWRDE_NOCMD flag when handling the wordexp function. An attacker could\npossibly use this issue to execute arbitrary commands. (CVE-2014-7817).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 21, "published": "2014-12-04T00:00:00", "title": "Ubuntu 10.04 LTS / 12.04 LTS / 14.04 LTS / 14.10 : eglibc, glibc vulnerabilities (USN-2432-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-6040", "CVE-2014-7817", "CVE-2012-6656"], "modified": "2014-12-04T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libc6", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "cpe:/o:canonical:ubuntu_linux:14.10", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "UBUNTU_USN-2432-1.NASL", "href": "https://www.tenable.com/plugins/nessus/79718", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2432-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(79718);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/09/22\");\n\n script_cve_id(\"CVE-2012-6656\", \"CVE-2014-6040\", \"CVE-2014-7817\");\n script_bugtraq_id(69470, 69472, 71216);\n script_xref(name:\"USN\", value:\"2432-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS / 12.04 LTS / 14.04 LTS / 14.10 : eglibc, glibc vulnerabilities (USN-2432-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Siddhesh Poyarekar discovered that the GNU C Library incorrectly\nhandled certain multibyte characters when using the iconv function. An\nattacker could possibly use this issue to cause applications to crash,\nresulting in a denial of service. This issue only affected Ubuntu\n10.04 LTS and Ubuntu 12.04 LTS. (CVE-2012-6656)\n\nAdhemerval Zanella Netto discovered that the GNU C Library incorrectly\nhandled certain multibyte characters when using the iconv function. An\nattacker could possibly use this issue to cause applications to crash,\nresulting in a denial of service. (CVE-2014-6040)\n\nTim Waugh discovered that the GNU C Library incorrectly enforced the\nWRDE_NOCMD flag when handling the wordexp function. An attacker could\npossibly use this issue to execute arbitrary commands. (CVE-2014-7817).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2432-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected libc6 package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libc6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/11/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/12/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/12/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2014-2020 Canonical, Inc. / NASL script (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(10\\.04|12\\.04|14\\.04|14\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04 / 12.04 / 14.04 / 14.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libc6\", pkgver:\"2.11.1-0ubuntu7.19\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"libc6\", pkgver:\"2.15-0ubuntu10.9\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"libc6\", pkgver:\"2.19-0ubuntu6.4\")) flag++;\nif (ubuntu_check(osver:\"14.10\", pkgname:\"libc6\", pkgver:\"2.19-10ubuntu2.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libc6\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-12T09:48:56", "description": "Several vulnerabilities have been fixed in eglibc, Debian's version of\nthe GNU C library :\n\n - CVE-2015-0235\n Qualys discovered that the gethostbyname and\n gethostbyname2 functions were subject to a buffer\n overflow if provided with a crafted IP address argument.\n This could be used by an attacker to execute arbitrary\n code in processes which called the affected functions.\n\n The original glibc bug was reported by Peter Klotz.\n\n - CVE-2014-7817\n Tim Waugh of Red Hat discovered that the WRDE_NOCMD\n option of the wordexp function did not suppress command\n execution in all cases. This allows a context-dependent\n attacker to execute shell commands.\n\n - CVE-2012-6656 CVE-2014-6040\n The charset conversion code for certain IBM multi-byte\n code pages could perform an out-of-bounds array access,\n causing the process to crash. In some scenarios, this\n allows a remote attacker to cause a persistent denial of\n service.", "edition": 16, "published": "2015-01-28T00:00:00", "title": "Debian DSA-3142-1 : eglibc - security update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-0235", "CVE-2014-6040", "CVE-2014-7817", "CVE-2012-6656"], "modified": "2015-01-28T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:eglibc", "cpe:/o:debian:debian_linux:7.0"], "id": "DEBIAN_DSA-3142.NASL", "href": "https://www.tenable.com/plugins/nessus/81029", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3142. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(81029);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-6656\", \"CVE-2014-6040\", \"CVE-2014-7817\", \"CVE-2015-0235\");\n script_bugtraq_id(69472, 71216, 72325);\n script_xref(name:\"CERT\", value:\"967332\");\n script_xref(name:\"DSA\", value:\"3142\");\n\n script_name(english:\"Debian DSA-3142-1 : eglibc - security update\");\n script_summary(english:\"Checks dpkg output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been fixed in eglibc, Debian's version of\nthe GNU C library :\n\n - CVE-2015-0235\n Qualys discovered that the gethostbyname and\n gethostbyname2 functions were subject to a buffer\n overflow if provided with a crafted IP address argument.\n This could be used by an attacker to execute arbitrary\n code in processes which called the affected functions.\n\n The original glibc bug was reported by Peter Klotz.\n\n - CVE-2014-7817\n Tim Waugh of Red Hat discovered that the WRDE_NOCMD\n option of the wordexp function did not suppress command\n execution in all cases. This allows a context-dependent\n attacker to execute shell commands.\n\n - CVE-2012-6656 CVE-2014-6040\n The charset conversion code for certain IBM multi-byte\n code pages could perform an out-of-bounds array access,\n causing the process to crash. In some scenarios, this\n allows a remote attacker to cause a persistent denial of\n service.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2015-0235\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-7817\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2012-6656\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-6040\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2015-0235\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2015/dsa-3142\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the eglibc packages.\n\nFor the stable distribution (wheezy), these problems have been fixed\nin version 2.13-38+deb7u7.\n\nFor the upcoming stable distribution (jessie) and the unstable\ndistribution (sid), the CVE-2015-0235 issue has been fixed in version\n2.18-1 of the glibc package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Exim GHOST (glibc gethostbyname) Buffer Overflow');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:eglibc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/01/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"eglibc\", reference:\"2.13-38+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libc-bin\", reference:\"2.13-38+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libc-dev-bin\", reference:\"2.13-38+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libc0.1\", reference:\"2.13-38+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libc0.1-dev\", reference:\"2.13-38+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libc0.1-dev-i386\", reference:\"2.13-38+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libc0.1-i386\", reference:\"2.13-38+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libc0.1-i686\", reference:\"2.13-38+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libc0.1-pic\", reference:\"2.13-38+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libc0.1-prof\", reference:\"2.13-38+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libc6\", reference:\"2.13-38+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libc6-amd64\", reference:\"2.13-38+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libc6-dev\", reference:\"2.13-38+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libc6-dev-amd64\", reference:\"2.13-38+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libc6-dev-i386\", reference:\"2.13-38+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libc6-dev-mips64\", reference:\"2.13-38+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libc6-dev-mipsn32\", reference:\"2.13-38+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libc6-dev-ppc64\", reference:\"2.13-38+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libc6-dev-s390\", reference:\"2.13-38+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libc6-dev-s390x\", reference:\"2.13-38+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libc6-dev-sparc64\", reference:\"2.13-38+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libc6-i386\", reference:\"2.13-38+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libc6-i686\", reference:\"2.13-38+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libc6-loongson2f\", reference:\"2.13-38+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libc6-mips64\", reference:\"2.13-38+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libc6-mipsn32\", reference:\"2.13-38+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libc6-pic\", reference:\"2.13-38+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libc6-ppc64\", reference:\"2.13-38+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libc6-prof\", reference:\"2.13-38+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libc6-s390\", reference:\"2.13-38+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libc6-s390x\", reference:\"2.13-38+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libc6-sparc64\", reference:\"2.13-38+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libc6-xen\", reference:\"2.13-38+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libc6.1\", reference:\"2.13-38+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libc6.1-dev\", reference:\"2.13-38+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libc6.1-pic\", reference:\"2.13-38+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libc6.1-prof\", reference:\"2.13-38+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"locales\", reference:\"2.13-38+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"locales-all\", reference:\"2.13-38+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"multiarch-support\", reference:\"2.13-38+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"nscd\", reference:\"2.13-38+deb7u7\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T01:18:59", "description": "An out-of-bounds read flaw was found in the way glibc's iconv()\nfunction converted certain encoded data to UTF-8. An attacker able to\nmake an application call the iconv() function with a specially crafted\nargument could use this flaw to crash that application.\n(CVE-2014-6040)\n\nIt was found that the wordexp() function would perform command\nsubstitution even when the WRDE_NOCMD flag was specified. An attacker\nable to provide specially crafted input to an application using the\nwordexp() function, and not sanitizing the input correctly, could\npotentially use this flaw to execute arbitrary commands with the\ncredentials of the user running that application. (CVE-2014-7817)", "edition": 24, "published": "2015-01-09T00:00:00", "title": "Amazon Linux AMI : glibc (ALAS-2015-468)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-6040", "CVE-2014-7817"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:glibc-debuginfo", "p-cpe:/a:amazon:linux:glibc-devel", "p-cpe:/a:amazon:linux:glibc-utils", "p-cpe:/a:amazon:linux:nscd", "p-cpe:/a:amazon:linux:glibc", "p-cpe:/a:amazon:linux:glibc-common", "p-cpe:/a:amazon:linux:glibc-debuginfo-common", "p-cpe:/a:amazon:linux:glibc-static", "cpe:/o:amazon:linux", "p-cpe:/a:amazon:linux:glibc-headers"], "id": "ALA_ALAS-2015-468.NASL", "href": "https://www.tenable.com/plugins/nessus/80419", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2015-468.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(80419);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2018/04/18 15:09:35\");\n\n script_cve_id(\"CVE-2014-6040\", \"CVE-2014-7817\");\n script_xref(name:\"ALAS\", value:\"2015-468\");\n script_xref(name:\"RHSA\", value:\"2015:0016\");\n\n script_name(english:\"Amazon Linux AMI : glibc (ALAS-2015-468)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An out-of-bounds read flaw was found in the way glibc's iconv()\nfunction converted certain encoded data to UTF-8. An attacker able to\nmake an application call the iconv() function with a specially crafted\nargument could use this flaw to crash that application.\n(CVE-2014-6040)\n\nIt was found that the wordexp() function would perform command\nsubstitution even when the WRDE_NOCMD flag was specified. An attacker\nable to provide specially crafted input to an application using the\nwordexp() function, and not sanitizing the input correctly, could\npotentially use this flaw to execute arbitrary commands with the\ncredentials of the user running that application. (CVE-2014-7817)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2015-468.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update glibc' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:glibc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:glibc-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:glibc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:glibc-debuginfo-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:glibc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:glibc-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:glibc-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:glibc-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:nscd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/01/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"glibc-2.17-55.92.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"glibc-common-2.17-55.92.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"glibc-debuginfo-2.17-55.92.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"glibc-debuginfo-common-2.17-55.92.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"glibc-devel-2.17-55.92.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"glibc-headers-2.17-55.92.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"glibc-static-2.17-55.92.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"glibc-utils-2.17-55.92.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"nscd-2.17-55.92.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"glibc / glibc-common / glibc-debuginfo / glibc-debuginfo-common / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-01T05:05:08", "description": "Updated glibc packages that fix two security issues and two bugs are\nnow available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nThe glibc packages provide the standard C libraries (libc), POSIX\nthread libraries (libpthread), standard math libraries (libm), and the\nName Server Caching Daemon (nscd) used by multiple programs on the\nsystem. Without these libraries, the Linux system cannot function\ncorrectly.\n\nAn out-of-bounds read flaw was found in the way glibc's iconv()\nfunction converted certain encoded data to UTF-8. An attacker able to\nmake an application call the iconv() function with a specially crafted\nargument could use this flaw to crash that application.\n(CVE-2014-6040)\n\nIt was found that the wordexp() function would perform command\nsubstitution even when the WRDE_NOCMD flag was specified. An attacker\nable to provide specially crafted input to an application using the\nwordexp() function, and not sanitizing the input correctly, could\npotentially use this flaw to execute arbitrary commands with the\ncredentials of the user running that application. (CVE-2014-7817)\n\nThe CVE-2014-7817 issue was discovered by Tim Waugh of the Red Hat\nDeveloper Experience Team.\n\nThis update also fixes the following bugs :\n\n* Previously, when an address lookup using the getaddrinfo() function\nfor the AF_UNSPEC value was performed on a defective DNS server, the\nserver in some cases responded with a valid response for the A record,\nbut a referral response for the AAAA record, which resulted in a\nlookup failure. A prior update was implemented for getaddrinfo() to\nreturn the valid response, but it contained a typographical error, due\nto which the lookup could under some circumstances still fail. This\nerror has been corrected and getaddrinfo() now returns a valid\nresponse in the described circumstances. (BZ#1172023)\n\n* An error in the dlopen() library function previously caused\nrecursive calls to dlopen() to terminate unexpectedly or to abort with\na library assertion. This error has been fixed and recursive calls to\ndlopen() no longer crash or abort. (BZ#1173469)\n\nAll glibc users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues.", "edition": 27, "published": "2015-01-08T00:00:00", "title": "RHEL 6 : glibc (RHSA-2015:0016)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-6040", "CVE-2014-7817"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:glibc-static", "p-cpe:/a:redhat:enterprise_linux:glibc-utils", "p-cpe:/a:redhat:enterprise_linux:glibc", "p-cpe:/a:redhat:enterprise_linux:glibc-common", "p-cpe:/a:redhat:enterprise_linux:glibc-devel", "cpe:/o:redhat:enterprise_linux:6.6", "p-cpe:/a:redhat:enterprise_linux:nscd", "p-cpe:/a:redhat:enterprise_linux:glibc-headers", "cpe:/o:redhat:enterprise_linux:6", "p-cpe:/a:redhat:enterprise_linux:glibc-debuginfo", "p-cpe:/a:redhat:enterprise_linux:glibc-debuginfo-common"], "id": "REDHAT-RHSA-2015-0016.NASL", "href": "https://www.tenable.com/plugins/nessus/80408", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:0016. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(80408);\n script_version(\"1.15\");\n script_cvs_date(\"Date: 2019/10/24 15:35:39\");\n\n script_cve_id(\"CVE-2014-6040\", \"CVE-2014-7817\");\n script_bugtraq_id(69472, 71216);\n script_xref(name:\"RHSA\", value:\"2015:0016\");\n\n script_name(english:\"RHEL 6 : glibc (RHSA-2015:0016)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated glibc packages that fix two security issues and two bugs are\nnow available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nThe glibc packages provide the standard C libraries (libc), POSIX\nthread libraries (libpthread), standard math libraries (libm), and the\nName Server Caching Daemon (nscd) used by multiple programs on the\nsystem. Without these libraries, the Linux system cannot function\ncorrectly.\n\nAn out-of-bounds read flaw was found in the way glibc's iconv()\nfunction converted certain encoded data to UTF-8. An attacker able to\nmake an application call the iconv() function with a specially crafted\nargument could use this flaw to crash that application.\n(CVE-2014-6040)\n\nIt was found that the wordexp() function would perform command\nsubstitution even when the WRDE_NOCMD flag was specified. An attacker\nable to provide specially crafted input to an application using the\nwordexp() function, and not sanitizing the input correctly, could\npotentially use this flaw to execute arbitrary commands with the\ncredentials of the user running that application. (CVE-2014-7817)\n\nThe CVE-2014-7817 issue was discovered by Tim Waugh of the Red Hat\nDeveloper Experience Team.\n\nThis update also fixes the following bugs :\n\n* Previously, when an address lookup using the getaddrinfo() function\nfor the AF_UNSPEC value was performed on a defective DNS server, the\nserver in some cases responded with a valid response for the A record,\nbut a referral response for the AAAA record, which resulted in a\nlookup failure. A prior update was implemented for getaddrinfo() to\nreturn the valid response, but it contained a typographical error, due\nto which the lookup could under some circumstances still fail. This\nerror has been corrected and getaddrinfo() now returns a valid\nresponse in the described circumstances. (BZ#1172023)\n\n* An error in the dlopen() library function previously caused\nrecursive calls to dlopen() to terminate unexpectedly or to abort with\na library assertion. This error has been fixed and recursive calls to\ndlopen() no longer crash or abort. (BZ#1173469)\n\nAll glibc users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2015:0016\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-7817\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-6040\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glibc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glibc-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glibc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glibc-debuginfo-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glibc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glibc-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glibc-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glibc-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nscd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/11/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/01/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2015:0016\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", reference:\"glibc-2.12-1.149.el6_6.4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"glibc-common-2.12-1.149.el6_6.4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"glibc-common-2.12-1.149.el6_6.4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"glibc-common-2.12-1.149.el6_6.4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"glibc-debuginfo-2.12-1.149.el6_6.4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"glibc-debuginfo-common-2.12-1.149.el6_6.4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"glibc-devel-2.12-1.149.el6_6.4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"glibc-headers-2.12-1.149.el6_6.4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"glibc-headers-2.12-1.149.el6_6.4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"glibc-headers-2.12-1.149.el6_6.4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"glibc-static-2.12-1.149.el6_6.4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"glibc-utils-2.12-1.149.el6_6.4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"glibc-utils-2.12-1.149.el6_6.4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"glibc-utils-2.12-1.149.el6_6.4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"nscd-2.12-1.149.el6_6.4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"nscd-2.12-1.149.el6_6.4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"nscd-2.12-1.149.el6_6.4\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"glibc / glibc-common / glibc-debuginfo / glibc-debuginfo-common / etc\");\n }\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-06T13:23:25", "description": "The remote OracleVM system is missing necessary patches to address\ncritical security updates :\n\n - Fix recursive dlopen (#1173469).\n\n - Fix typo in res_send and res_query (#rh1172023).\n\n - Fix crashes on invalid input in IBM gconv modules\n (CVE-2014-6040, #1139571).\n\n - Fix wordexp to honour WRDE_NOCMD (CVE-2014-7817,\n #1170121).", "edition": 26, "published": "2015-01-09T00:00:00", "title": "OracleVM 3.3 : glibc (OVMSA-2015-0003)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-6040", "CVE-2014-7817"], "modified": "2015-01-09T00:00:00", "cpe": ["cpe:/o:oracle:vm_server:3.3", "p-cpe:/a:oracle:vm:glibc", "p-cpe:/a:oracle:vm:glibc-common", "p-cpe:/a:oracle:vm:nscd"], "id": "ORACLEVM_OVMSA-2015-0003.NASL", "href": "https://www.tenable.com/plugins/nessus/80439", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from OracleVM\n# Security Advisory OVMSA-2015-0003.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(80439);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2014-6040\", \"CVE-2014-7817\");\n script_bugtraq_id(69472, 71216);\n\n script_name(english:\"OracleVM 3.3 : glibc (OVMSA-2015-0003)\");\n script_summary(english:\"Checks the RPM output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote OracleVM host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote OracleVM system is missing necessary patches to address\ncritical security updates :\n\n - Fix recursive dlopen (#1173469).\n\n - Fix typo in res_send and res_query (#rh1172023).\n\n - Fix crashes on invalid input in IBM gconv modules\n (CVE-2014-6040, #1139571).\n\n - Fix wordexp to honour WRDE_NOCMD (CVE-2014-7817,\n #1170121).\"\n );\n # https://oss.oracle.com/pipermail/oraclevm-errata/2015-January/000255.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2033fa93\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected glibc / glibc-common / nscd packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:glibc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:glibc-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:nscd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:vm_server:3.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/11/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/01/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"OracleVM Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleVM/release\", \"Host/OracleVM/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/OracleVM/release\");\nif (isnull(release) || \"OVS\" >!< release) audit(AUDIT_OS_NOT, \"OracleVM\");\nif (! preg(pattern:\"^OVS\" + \"3\\.3\" + \"(\\.[0-9]|$)\", string:release)) audit(AUDIT_OS_NOT, \"OracleVM 3.3\", \"OracleVM \" + release);\nif (!get_kb_item(\"Host/OracleVM/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"OracleVM\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"OVS3.3\", reference:\"glibc-2.12-1.149.el6_6.4\")) flag++;\nif (rpm_check(release:\"OVS3.3\", reference:\"glibc-common-2.12-1.149.el6_6.4\")) flag++;\nif (rpm_check(release:\"OVS3.3\", reference:\"nscd-2.12-1.149.el6_6.4\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"glibc / glibc-common / nscd\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-01T04:40:40", "description": "From Red Hat Security Advisory 2015:0016 :\n\nUpdated glibc packages that fix two security issues and two bugs are\nnow available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nThe glibc packages provide the standard C libraries (libc), POSIX\nthread libraries (libpthread), standard math libraries (libm), and the\nName Server Caching Daemon (nscd) used by multiple programs on the\nsystem. Without these libraries, the Linux system cannot function\ncorrectly.\n\nAn out-of-bounds read flaw was found in the way glibc's iconv()\nfunction converted certain encoded data to UTF-8. An attacker able to\nmake an application call the iconv() function with a specially crafted\nargument could use this flaw to crash that application.\n(CVE-2014-6040)\n\nIt was found that the wordexp() function would perform command\nsubstitution even when the WRDE_NOCMD flag was specified. An attacker\nable to provide specially crafted input to an application using the\nwordexp() function, and not sanitizing the input correctly, could\npotentially use this flaw to execute arbitrary commands with the\ncredentials of the user running that application. (CVE-2014-7817)\n\nThe CVE-2014-7817 issue was discovered by Tim Waugh of the Red Hat\nDeveloper Experience Team.\n\nThis update also fixes the following bugs :\n\n* Previously, when an address lookup using the getaddrinfo() function\nfor the AF_UNSPEC value was performed on a defective DNS server, the\nserver in some cases responded with a valid response for the A record,\nbut a referral response for the AAAA record, which resulted in a\nlookup failure. A prior update was implemented for getaddrinfo() to\nreturn the valid response, but it contained a typographical error, due\nto which the lookup could under some circumstances still fail. This\nerror has been corrected and getaddrinfo() now returns a valid\nresponse in the described circumstances. (BZ#1172023)\n\n* An error in the dlopen() library function previously caused\nrecursive calls to dlopen() to terminate unexpectedly or to abort with\na library assertion. This error has been fixed and recursive calls to\ndlopen() no longer crash or abort. (BZ#1173469)\n\nAll glibc users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues.", "edition": 24, "published": "2015-01-08T00:00:00", "title": "Oracle Linux 6 : glibc (ELSA-2015-0016)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-6040", "CVE-2014-7817"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:nscd", "p-cpe:/a:oracle:linux:glibc-devel", "p-cpe:/a:oracle:linux:glibc-utils", "p-cpe:/a:oracle:linux:glibc-static", "p-cpe:/a:oracle:linux:glibc-headers", "p-cpe:/a:oracle:linux:glibc-common", "p-cpe:/a:oracle:linux:glibc"], "id": "ORACLELINUX_ELSA-2015-0016.NASL", "href": "https://www.tenable.com/plugins/nessus/80407", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2015:0016 and \n# Oracle Linux Security Advisory ELSA-2015-0016 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(80407);\n script_version(\"1.12\");\n script_cvs_date(\"Date: 2019/09/27 13:00:35\");\n\n script_cve_id(\"CVE-2014-6040\", \"CVE-2014-7817\");\n script_bugtraq_id(69472, 71216);\n script_xref(name:\"RHSA\", value:\"2015:0016\");\n\n script_name(english:\"Oracle Linux 6 : glibc (ELSA-2015-0016)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2015:0016 :\n\nUpdated glibc packages that fix two security issues and two bugs are\nnow available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nThe glibc packages provide the standard C libraries (libc), POSIX\nthread libraries (libpthread), standard math libraries (libm), and the\nName Server Caching Daemon (nscd) used by multiple programs on the\nsystem. Without these libraries, the Linux system cannot function\ncorrectly.\n\nAn out-of-bounds read flaw was found in the way glibc's iconv()\nfunction converted certain encoded data to UTF-8. An attacker able to\nmake an application call the iconv() function with a specially crafted\nargument could use this flaw to crash that application.\n(CVE-2014-6040)\n\nIt was found that the wordexp() function would perform command\nsubstitution even when the WRDE_NOCMD flag was specified. An attacker\nable to provide specially crafted input to an application using the\nwordexp() function, and not sanitizing the input correctly, could\npotentially use this flaw to execute arbitrary commands with the\ncredentials of the user running that application. (CVE-2014-7817)\n\nThe CVE-2014-7817 issue was discovered by Tim Waugh of the Red Hat\nDeveloper Experience Team.\n\nThis update also fixes the following bugs :\n\n* Previously, when an address lookup using the getaddrinfo() function\nfor the AF_UNSPEC value was performed on a defective DNS server, the\nserver in some cases responded with a valid response for the A record,\nbut a referral response for the AAAA record, which resulted in a\nlookup failure. A prior update was implemented for getaddrinfo() to\nreturn the valid response, but it contained a typographical error, due\nto which the lookup could under some circumstances still fail. This\nerror has been corrected and getaddrinfo() now returns a valid\nresponse in the described circumstances. (BZ#1172023)\n\n* An error in the dlopen() library function previously caused\nrecursive calls to dlopen() to terminate unexpectedly or to abort with\na library assertion. This error has been fixed and recursive calls to\ndlopen() no longer crash or abort. (BZ#1173469)\n\nAll glibc users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2015-January/004773.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected glibc packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:glibc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:glibc-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:glibc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:glibc-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:glibc-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:glibc-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nscd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/11/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/01/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL6\", reference:\"glibc-2.12-1.149.el6_6.4\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"glibc-common-2.12-1.149.el6_6.4\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"glibc-devel-2.12-1.149.el6_6.4\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"glibc-headers-2.12-1.149.el6_6.4\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"glibc-static-2.12-1.149.el6_6.4\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"glibc-utils-2.12-1.149.el6_6.4\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"nscd-2.12-1.149.el6_6.4\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"glibc / glibc-common / glibc-devel / glibc-headers / glibc-static / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-12T10:13:29", "description": " - Fix CVE-2014-6040: crash in code page decoding functions\n (IBM933, IBM935, IBM937, IBM939, IBM1364)\n\n - Fix CVE-2014-7817: command execution in wordexp() with\n WRDE_NOCMD specified\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 17, "published": "2015-03-05T00:00:00", "title": "Fedora 20 : glibc-2.18-19.fc20 (2015-2845)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-6040", "CVE-2014-7817"], "modified": "2015-03-05T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:glibc", "cpe:/o:fedoraproject:fedora:20"], "id": "FEDORA_2015-2845.NASL", "href": "https://www.tenable.com/plugins/nessus/81616", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2015-2845.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(81616);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2014-6040\", \"CVE-2014-7817\");\n script_bugtraq_id(69472, 71216);\n script_xref(name:\"FEDORA\", value:\"2015-2845\");\n\n script_name(english:\"Fedora 20 : glibc-2.18-19.fc20 (2015-2845)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Fix CVE-2014-6040: crash in code page decoding functions\n (IBM933, IBM935, IBM937, IBM939, IBM1364)\n\n - Fix CVE-2014-7817: command execution in wordexp() with\n WRDE_NOCMD specified\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1135841\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1157689\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-March/150631.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c564838b\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected glibc package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:glibc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:20\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/02/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/03/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^20([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 20.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC20\", reference:\"glibc-2.18-19.fc20\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"glibc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-06T09:29:57", "description": "Updated glibc packages that fix two security issues and two bugs are\nnow available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nThe glibc packages provide the standard C libraries (libc), POSIX\nthread libraries (libpthread), standard math libraries (libm), and the\nName Server Caching Daemon (nscd) used by multiple programs on the\nsystem. Without these libraries, the Linux system cannot function\ncorrectly.\n\nAn out-of-bounds read flaw was found in the way glibc's iconv()\nfunction converted certain encoded data to UTF-8. An attacker able to\nmake an application call the iconv() function with a specially crafted\nargument could use this flaw to crash that application.\n(CVE-2014-6040)\n\nIt was found that the wordexp() function would perform command\nsubstitution even when the WRDE_NOCMD flag was specified. An attacker\nable to provide specially crafted input to an application using the\nwordexp() function, and not sanitizing the input correctly, could\npotentially use this flaw to execute arbitrary commands with the\ncredentials of the user running that application. (CVE-2014-7817)\n\nThe CVE-2014-7817 issue was discovered by Tim Waugh of the Red Hat\nDeveloper Experience Team.\n\nThis update also fixes the following bugs :\n\n* Previously, when an address lookup using the getaddrinfo() function\nfor the AF_UNSPEC value was performed on a defective DNS server, the\nserver in some cases responded with a valid response for the A record,\nbut a referral response for the AAAA record, which resulted in a\nlookup failure. A prior update was implemented for getaddrinfo() to\nreturn the valid response, but it contained a typographical error, due\nto which the lookup could under some circumstances still fail. This\nerror has been corrected and getaddrinfo() now returns a valid\nresponse in the described circumstances. (BZ#1172023)\n\n* An error in the dlopen() library function previously caused\nrecursive calls to dlopen() to terminate unexpectedly or to abort with\na library assertion. This error has been fixed and recursive calls to\ndlopen() no longer crash or abort. (BZ#1173469)\n\nAll glibc users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues.", "edition": 28, "published": "2015-01-08T00:00:00", "title": "CentOS 6 : glibc (CESA-2015:0016)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-6040", "CVE-2014-7817"], "modified": "2015-01-08T00:00:00", "cpe": ["p-cpe:/a:centos:centos:glibc-common", "cpe:/o:centos:centos:6", "p-cpe:/a:centos:centos:nscd", "p-cpe:/a:centos:centos:glibc-utils", "p-cpe:/a:centos:centos:glibc-devel", "p-cpe:/a:centos:centos:glibc-static", "p-cpe:/a:centos:centos:glibc-headers", "p-cpe:/a:centos:centos:glibc"], "id": "CENTOS_RHSA-2015-0016.NASL", "href": "https://www.tenable.com/plugins/nessus/80400", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:0016 and \n# CentOS Errata and Security Advisory 2015:0016 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(80400);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2014-6040\", \"CVE-2014-7817\");\n script_bugtraq_id(69472, 71216);\n script_xref(name:\"RHSA\", value:\"2015:0016\");\n\n script_name(english:\"CentOS 6 : glibc (CESA-2015:0016)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated glibc packages that fix two security issues and two bugs are\nnow available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nThe glibc packages provide the standard C libraries (libc), POSIX\nthread libraries (libpthread), standard math libraries (libm), and the\nName Server Caching Daemon (nscd) used by multiple programs on the\nsystem. Without these libraries, the Linux system cannot function\ncorrectly.\n\nAn out-of-bounds read flaw was found in the way glibc's iconv()\nfunction converted certain encoded data to UTF-8. An attacker able to\nmake an application call the iconv() function with a specially crafted\nargument could use this flaw to crash that application.\n(CVE-2014-6040)\n\nIt was found that the wordexp() function would perform command\nsubstitution even when the WRDE_NOCMD flag was specified. An attacker\nable to provide specially crafted input to an application using the\nwordexp() function, and not sanitizing the input correctly, could\npotentially use this flaw to execute arbitrary commands with the\ncredentials of the user running that application. (CVE-2014-7817)\n\nThe CVE-2014-7817 issue was discovered by Tim Waugh of the Red Hat\nDeveloper Experience Team.\n\nThis update also fixes the following bugs :\n\n* Previously, when an address lookup using the getaddrinfo() function\nfor the AF_UNSPEC value was performed on a defective DNS server, the\nserver in some cases responded with a valid response for the A record,\nbut a referral response for the AAAA record, which resulted in a\nlookup failure. A prior update was implemented for getaddrinfo() to\nreturn the valid response, but it contained a typographical error, due\nto which the lookup could under some circumstances still fail. This\nerror has been corrected and getaddrinfo() now returns a valid\nresponse in the described circumstances. (BZ#1172023)\n\n* An error in the dlopen() library function previously caused\nrecursive calls to dlopen() to terminate unexpectedly or to abort with\na library assertion. This error has been fixed and recursive calls to\ndlopen() no longer crash or abort. (BZ#1173469)\n\nAll glibc users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2015-January/020863.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f8c20447\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected glibc packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-6040\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:glibc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:glibc-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:glibc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:glibc-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:glibc-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:glibc-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nscd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/11/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/01/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 6.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-6\", reference:\"glibc-2.12-1.149.el6_6.4\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"glibc-common-2.12-1.149.el6_6.4\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"glibc-devel-2.12-1.149.el6_6.4\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"glibc-headers-2.12-1.149.el6_6.4\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"glibc-static-2.12-1.149.el6_6.4\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"glibc-utils-2.12-1.149.el6_6.4\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"nscd-2.12-1.149.el6_6.4\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"glibc / glibc-common / glibc-devel / glibc-headers / glibc-static / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-09-14T18:23:02", "description": "An out-of-bounds read flaw was found in the way glibc's iconv()\nfunction converted certain encoded data to UTF-8. An attacker able to\nmake an application call the iconv() function with a specially crafted\nargument could use this flaw to crash that application.\n(CVE-2014-6040)\n\nIt was found that the wordexp() function would perform command\nsubstitution even when the WRDE_NOCMD flag was specified. An attacker\nable to provide specially crafted input to an application using the\nwordexp() function, and not sanitizing the input correctly, could\npotentially use this flaw to execute arbitrary commands with the\ncredentials of the user running that application. (CVE-2014-7817)\n\nThis update also fixes the following bugs :\n\n - Previously, when an address lookup using the\n getaddrinfo() function for the AF_UNSPEC value was\n performed on a defective DNS server, the server in some\n cases responded with a valid response for the A record,\n but a referral response for the AAAA record, which\n resulted in a lookup failure. A prior update was\n implemented for getaddrinfo() to return the valid\n response, but it contained a typographical error, due to\n which the lookup could under some circumstances still\n fail. This error has been corrected and getaddrinfo()\n now returns a valid response in the described\n circumstances.\n\n - An error in the dlopen() library function previously\n caused recursive calls to dlopen() to terminate\n unexpectedly or to abort with a library assertion. This\n error has been fixed and recursive calls to dlopen() no\n longer crash or abort.", "edition": 14, "published": "2015-01-08T00:00:00", "title": "Scientific Linux Security Update : glibc on SL6.x i386/x86_64 (20150107)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-6040", "CVE-2014-7817"], "modified": "2015-01-08T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:glibc-debuginfo-common", "p-cpe:/a:fermilab:scientific_linux:glibc", "p-cpe:/a:fermilab:scientific_linux:glibc-common", "p-cpe:/a:fermilab:scientific_linux:glibc-static", "p-cpe:/a:fermilab:scientific_linux:glibc-devel", "p-cpe:/a:fermilab:scientific_linux:nscd", "p-cpe:/a:fermilab:scientific_linux:glibc-debuginfo", "x-cpe:/o:fermilab:scientific_linux", "p-cpe:/a:fermilab:scientific_linux:glibc-utils", "p-cpe:/a:fermilab:scientific_linux:glibc-headers"], "id": "SL_20150107_GLIBC_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/nessus/80409", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(80409);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/02/25\");\n\n script_cve_id(\"CVE-2014-6040\", \"CVE-2014-7817\");\n\n script_name(english:\"Scientific Linux Security Update : glibc on SL6.x i386/x86_64 (20150107)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An out-of-bounds read flaw was found in the way glibc's iconv()\nfunction converted certain encoded data to UTF-8. An attacker able to\nmake an application call the iconv() function with a specially crafted\nargument could use this flaw to crash that application.\n(CVE-2014-6040)\n\nIt was found that the wordexp() function would perform command\nsubstitution even when the WRDE_NOCMD flag was specified. An attacker\nable to provide specially crafted input to an application using the\nwordexp() function, and not sanitizing the input correctly, could\npotentially use this flaw to execute arbitrary commands with the\ncredentials of the user running that application. (CVE-2014-7817)\n\nThis update also fixes the following bugs :\n\n - Previously, when an address lookup using the\n getaddrinfo() function for the AF_UNSPEC value was\n performed on a defective DNS server, the server in some\n cases responded with a valid response for the A record,\n but a referral response for the AAAA record, which\n resulted in a lookup failure. A prior update was\n implemented for getaddrinfo() to return the valid\n response, but it contained a typographical error, due to\n which the lookup could under some circumstances still\n fail. This error has been corrected and getaddrinfo()\n now returns a valid response in the described\n circumstances.\n\n - An error in the dlopen() library function previously\n caused recursive calls to dlopen() to terminate\n unexpectedly or to abort with a library assertion. This\n error has been fixed and recursive calls to dlopen() no\n longer crash or abort.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1501&L=scientific-linux-errata&T=0&P=532\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3edcc27a\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:glibc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:glibc-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:glibc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:glibc-debuginfo-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:glibc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:glibc-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:glibc-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:glibc-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:nscd\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/11/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/01/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 6.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"glibc-2.12-1.149.el6_6.4\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"glibc-common-2.12-1.149.el6_6.4\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"glibc-debuginfo-2.12-1.149.el6_6.4\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"glibc-debuginfo-common-2.12-1.149.el6_6.4\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"glibc-devel-2.12-1.149.el6_6.4\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"glibc-headers-2.12-1.149.el6_6.4\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"glibc-static-2.12-1.149.el6_6.4\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"glibc-utils-2.12-1.149.el6_6.4\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"nscd-2.12-1.149.el6_6.4\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"glibc / glibc-common / glibc-debuginfo / glibc-debuginfo-common / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "f5": [{"lastseen": "2016-09-26T17:23:17", "bulletinFamily": "software", "cvelist": ["CVE-2012-6656"], "edition": 1, "description": "Recommended Action\n\nIf the previous table lists a version in the **Versions known to be not vulnerable** column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version in the column, then no upgrade candidate currently exists.\n\nF5 responds to vulnerabilities in accordance with the Severity values published in the previous table. The Severity values and other security vulnerability parameters are defined in SOL4602: Overview of the F5 security vulnerability response policy.\n\nTo mitigate this vulnerability, you should permit access to F5 products only over a secure network, and limit login access to trusted users. For additional information, refer to SOL13092 - Overview of securing access to the BIG-IP system.\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n", "modified": "2015-07-23T00:00:00", "published": "2015-04-01T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/16000/300/sol16342.html", "id": "SOL16342", "title": "SOL16342 - GNU C Library (glibc) vulnerability CVE-2012-6656", "type": "f5", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-10-12T02:11:15", "bulletinFamily": "software", "cvelist": ["CVE-2014-7817"], "edition": 1, "description": " \n\n\nThe wordexp function in GNU C Library (aka glibc) 2.21 does not enforce the WRDE_NOCMD flag, which allows context-dependent attackers to execute arbitrary commands, as demonstrated by input containing \"$((`...`))\". ([CVE-2014-7817](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7817>))\n\nImpact \n\n\nAn attacker with local access and knowledge of how to make the glibc function trigger an exploit may be able to run arbitrary code. However, the risk level for this vulnerability is considered LOW because F5 product development has verified that the vulnerable code is NOT used in a way that would make an exploit possible.\n\nIf the previous table lists a version in the **Versions known to be not vulnerable** column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version in the column, then no upgrade candidate currently exists.\n\nF5 is responding to this vulnerability as determined by the parameters defined in [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>).\n\nTo mitigate this vulnerability, you should permit access to F5 products only over a secure network, and limit login access to trusted users. For additional information, refer to [K13092: Overview of securing access to the BIG-IP system](<https://support.f5.com/csp/article/K13092>).\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n", "modified": "2016-01-09T02:20:00", "published": "2015-01-22T03:45:00", "href": "https://support.f5.com/csp/article/K16010", "id": "F5:K16010", "title": "GNU C Library (glibc) vulnerability CVE-2014-7817", "type": "f5", "cvss": {"score": 4.6, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-26T17:23:20", "bulletinFamily": "software", "cvelist": ["CVE-2014-6040"], "edition": 1, "description": "Recommended Action\n\nIf the previous table lists a version in the **Versions known to be not vulnerable** column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version in the column, then no upgrade candidate currently exists.\n\nF5 responds to vulnerabilities in accordance with the Severity values published in the previous table. The Severity values and other security vulnerability parameters are defined in SOL4602: Overview of the F5 security vulnerability response policy.\n\nTo mitigate this vulnerability, you should permit access to F5 products only over a secure network, and limit login access to trusted users. For additional information, refer to SOL13092: Overview of securing access to the BIG-IP system.\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4918: Overview of the F5 critical issue hotfix policy\n * SOL167: Downloading software and firmware from F5\n * SOL13123: Managing BIG-IP product hotfixes (11.x)\n * SOL10025: Managing BIG-IP product hotfixes (10.x)\n * SOL9502: BIG-IP hotfix matrix\n * SOL10322: FirePass hotfix matrix\n * SOL12766: ARX hotfix matrix\n * SOL3430: Installing FirePass hotfixes\n * SOL6664: Obtaining and installing OPSWAT hotfixes\n * SOL10942: Installing OPSWAT hotfixes on BIG-IP APM systems\n", "modified": "2015-09-16T00:00:00", "published": "2015-04-14T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/16000/400/sol16435.html", "id": "SOL16435", "title": "SOL16435 - GNU C Library vulnerability CVE-2014-6040", "type": "f5", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2016-09-26T17:23:07", "bulletinFamily": "software", "cvelist": ["CVE-2014-7817"], "edition": 1, "description": "*These versions of BIG-IP, BIG-IQ, and Enterprise Manager have a vulnerable version of glibc code. However, the risk level for this vulnerability is considered LOW because F5 product development has verified that the vulnerable code is NOT used in a way that would make an exploit possible.\n\n** These versions of the ARX system have a vulnerable version of glibc. However, F5 product development has reviewed the source code and confirmed that the vulnerable wordexp function is not used by the ARX system, so it is considered not vulnerable.\n\n**Note**: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value.\n\nRecommended Action\n\nIf the previous table lists a version in the **Versions known to be not vulnerable** column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version in the column, then no upgrade candidate currently exists.\n\nF5 is responding to this vulnerability as determined by the parameters defined in SOL4602: Overview of the F5 security vulnerability response policy.\n\nTo mitigate this vulnerability, you should permit access to F5 products only over a secure network, and limit login access to trusted users. For additional information, refer to SOL13092: Overview of securing access to the BIG-IP system.\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4918: Overview of the F5 critical issue hotfix policy\n * SOL167: Downloading software and firmware from F5\n", "modified": "2015-09-16T00:00:00", "published": "2015-01-21T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/16000/000/sol16010.html", "id": "SOL16010", "title": "SOL16010 - GNU C Library (glibc) vulnerability CVE-2014-7817", "type": "f5", "cvss": {"score": 4.6, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "debian": [{"lastseen": "2019-05-30T02:21:41", "bulletinFamily": "unix", "cvelist": ["CVE-2015-0235", "CVE-2014-6040", "CVE-2014-7817", "CVE-2012-6656"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3142-1 security@debian.org\nhttp://www.debian.org/security/ Florian Weimer\nJanuary 27, 2015 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : eglibc\nCVE ID : CVE-2012-6656 CVE-2014-6040 CVE-2014-7817 CVE-2015-0235\n\nSeveral vulnerabilities have been fixed in eglibc, Debian's version of\nthe GNU C library:\n\nCVE-2015-0235\n\n Qualys discovered that the gethostbyname and gethostbyname2\n functions were subject to a buffer overflow if provided with a\n crafted IP address argument. This could be used by an attacker to\n execute arbitrary code in processes which called the affected\n functions.\n\n The original glibc bug was reported by Peter Klotz.\n\nCVE-2014-7817\n\n Tim Waugh of Red Hat discovered that the WRDE_NOCMD option of the\n wordexp function did not suppress command execution in all cases.\n This allows a context-dependent attacker to execute shell\n commands.\n\nCVE-2012-6656\nCVE-2014-6040\n\n The charset conversion code for certain IBM multi-byte code pages\n could perform an out-of-bounds array access, causing the process\n to crash. In some scenarios, this allows a remote attacker to\n cause a persistent denial of service.\n\nFor the stable distribution (wheezy), these problems have been fixed in\nversion 2.13-38+deb7u7.\n\nFor the upcoming stable distribution (jessie) and the unstable\ndistribution (sid), the CVE-2015-0235 issue has been fixed in version\n2.18-1 of the glibc package.\n\nWe recommend that you upgrade your eglibc packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 3, "modified": "2015-01-27T15:39:21", "published": "2015-01-27T15:39:21", "id": "DEBIAN:DSA-3142-1:A3964", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2015/msg00025.html", "title": "[SECURITY] [DSA 3142-1] eglibc security update", "type": "debian", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "openvas": [{"lastseen": "2017-07-24T12:53:28", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-0235", "CVE-2014-6040", "CVE-2014-7817", "CVE-2012-6656"], "description": "Several vulnerabilities have been\nfixed in eglibc, Debian", "modified": "2017-07-07T00:00:00", "published": "2015-01-27T00:00:00", "id": "OPENVAS:703142", "href": "http://plugins.openvas.org/nasl.php?oid=703142", "type": "openvas", "title": "Debian Security Advisory DSA 3142-1 (eglibc - security update)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3142.nasl 6609 2017-07-07 12:05:59Z cfischer $\n# Auto-generated from advisory DSA 3142-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703142);\n script_version(\"$Revision: 6609 $\");\n script_cve_id(\"CVE-2012-6656\", \"CVE-2014-6040\", \"CVE-2014-7817\", \"CVE-2015-0235\");\n script_name(\"Debian Security Advisory DSA 3142-1 (eglibc - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2017-07-07 14:05:59 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value: \"2015-01-27 00:00:00 +0100 (Tue, 27 Jan 2015)\");\n script_tag(name: \"cvss_base\", value: \"10.0\");\n script_tag(name: \"cvss_base_vector\", value: \"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2015/dsa-3142.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"eglibc on Debian Linux\");\n script_tag(name: \"solution\", value: \"For the stable distribution (wheezy),\nthese problems have been fixed in version 2.13-38+deb7u7.\n\nFor the upcoming stable distribution (jessie) and the unstable\ndistribution (sid), the\nCVE-2015-0235\n\nissue has been fixed in version 2.18-1 of the glibc package.\n\nWe recommend that you upgrade your eglibc packages.\");\n script_tag(name: \"summary\", value: \"Several vulnerabilities have been\nfixed in eglibc, Debian's version of the GNU C library:\n\nCVE-2015-0235\nQualys discovered that the gethostbyname and gethostbyname2\nfunctions were subject to a buffer overflow if provided with a\ncrafted IP address argument. This could be used by an attacker to\nexecute arbitrary code in processes which called the affected\nfunctions.\n\nThe original glibc bug was reported by Peter Klotz.\n\nCVE-2014-7817\nTim Waugh of Red Hat discovered that the WRDE_NOCMD option of the\nwordexp function did not suppress command execution in all cases.\nThis allows a context-dependent attacker to execute shell\ncommands.\n\nCVE-2012-6656 CVE-2014-6040\nThe charset conversion code for certain IBM multi-byte code pages\ncould perform an out-of-bounds array access, causing the process\nto crash. In some scenarios, this allows a remote attacker to\ncause a persistent denial of service.\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software\nversion using the apt package manager.\");\n script_tag(name:\"qod_type\", value:\"package\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"eglibc-source\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"glibc-doc\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc-bin\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc-dev-bin\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc0.1\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc0.1-dbg\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc0.1-dev\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc0.1-dev-i386\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc0.1-i386\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc0.1-i686\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc0.1-pic\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc0.1-prof\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc0.1-udeb\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6-amd64\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6-dbg\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6-dev\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6-dev-amd64\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6-dev-i386\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6-dev-mips64\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6-dev-mipsn32\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6-dev-ppc64\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6-dev-s390\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6-dev-s390x\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6-dev-sparc64\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6-i386\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6-i686\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6-loongson2f\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6-mips64\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6-mipsn32\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6-pic\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6-ppc64\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6-prof\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6-s390\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6-s390x\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6-sparc64\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6-udeb\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6-xen\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6.1\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6.1-dbg\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6.1-dev\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6.1-pic\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6.1-prof\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6.1-udeb\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libnss-dns-udeb\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libnss-files-udeb\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"locales\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"locales-all\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"multiarch-support\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"nscd\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:36:52", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-0235", "CVE-2014-6040", "CVE-2014-7817", "CVE-2012-6656"], "description": "Several vulnerabilities have been\nfixed in eglibc, Debian", "modified": "2019-03-18T00:00:00", "published": "2015-01-27T00:00:00", "id": "OPENVAS:1361412562310703142", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703142", "type": "openvas", "title": "Debian Security Advisory DSA 3142-1 (eglibc - security update)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3142.nasl 14275 2019-03-18 14:39:45Z cfischer $\n# Auto-generated from advisory DSA 3142-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703142\");\n script_version(\"$Revision: 14275 $\");\n script_cve_id(\"CVE-2012-6656\", \"CVE-2014-6040\", \"CVE-2014-7817\", \"CVE-2015-0235\");\n script_name(\"Debian Security Advisory DSA 3142-1 (eglibc - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:39:45 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-01-27 00:00:00 +0100 (Tue, 27 Jan 2015)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2015/dsa-3142.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB7\");\n script_tag(name:\"affected\", value:\"eglibc on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (wheezy),\nthese problems have been fixed in version 2.13-38+deb7u7.\n\nFor the upcoming stable distribution (jessie) and the unstable\ndistribution (sid), the\nCVE-2015-0235\n\nissue has been fixed in version 2.18-1 of the glibc package.\n\nWe recommend that you upgrade your eglibc packages.\");\n script_tag(name:\"summary\", value:\"Several vulnerabilities have been\nfixed in eglibc, Debian's version of the GNU C library:\n\nCVE-2015-0235\nQualys discovered that the gethostbyname and gethostbyname2\nfunctions were subject to a buffer overflow if provided with a\ncrafted IP address argument. This could be used by an attacker to\nexecute arbitrary code in processes which called the affected\nfunctions.\n\nThe original glibc bug was reported by Peter Klotz.\n\nCVE-2014-7817\nTim Waugh of Red Hat discovered that the WRDE_NOCMD option of the\nwordexp function did not suppress command execution in all cases.\nThis allows a context-dependent attacker to execute shell\ncommands.\n\nCVE-2012-6656 CVE-2014-6040\nThe charset conversion code for certain IBM multi-byte code pages\ncould perform an out-of-bounds array access, causing the process\nto crash. In some scenarios, this allows a remote attacker to\ncause a persistent denial of service.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software\nversion using the apt package manager.\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"eglibc-source\", ver:\"2.13-38+deb7u7\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"glibc-doc\", ver:\"2.13-38+deb7u7\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libc-bin\", ver:\"2.13-38+deb7u7\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libc-dev-bin\", ver:\"2.13-38+deb7u7\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libc0.1\", ver:\"2.13-38+deb7u7\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libc0.1-dbg\", ver:\"2.13-38+deb7u7\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libc0.1-dev\", ver:\"2.13-38+deb7u7\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libc0.1-dev-i386\", ver:\"2.13-38+deb7u7\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libc0.1-i386\", ver:\"2.13-38+deb7u7\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libc0.1-i686\", ver:\"2.13-38+deb7u7\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libc0.1-pic\", ver:\"2.13-38+deb7u7\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libc0.1-prof\", ver:\"2.13-38+deb7u7\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libc0.1-udeb\", ver:\"2.13-38+deb7u7\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libc6\", ver:\"2.13-38+deb7u7\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libc6-amd64\", ver:\"2.13-38+deb7u7\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libc6-dbg\", ver:\"2.13-38+deb7u7\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libc6-dev\", ver:\"2.13-38+deb7u7\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libc6-dev-amd64\", ver:\"2.13-38+deb7u7\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libc6-dev-i386\", ver:\"2.13-38+deb7u7\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libc6-dev-mips64\", ver:\"2.13-38+deb7u7\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libc6-dev-mipsn32\", ver:\"2.13-38+deb7u7\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libc6-dev-ppc64\", ver:\"2.13-38+deb7u7\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libc6-dev-s390\", ver:\"2.13-38+deb7u7\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libc6-dev-s390x\", ver:\"2.13-38+deb7u7\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libc6-dev-sparc64\", ver:\"2.13-38+deb7u7\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libc6-i386\", ver:\"2.13-38+deb7u7\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libc6-i686\", ver:\"2.13-38+deb7u7\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libc6-loongson2f\", ver:\"2.13-38+deb7u7\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libc6-mips64\", ver:\"2.13-38+deb7u7\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libc6-mipsn32\", ver:\"2.13-38+deb7u7\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libc6-pic\", ver:\"2.13-38+deb7u7\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libc6-ppc64\", ver:\"2.13-38+deb7u7\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libc6-prof\", ver:\"2.13-38+deb7u7\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libc6-s390\", ver:\"2.13-38+deb7u7\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libc6-s390x\", ver:\"2.13-38+deb7u7\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libc6-sparc64\", ver:\"2.13-38+deb7u7\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libc6-udeb\", ver:\"2.13-38+deb7u7\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libc6-xen\", ver:\"2.13-38+deb7u7\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libc6.1\", ver:\"2.13-38+deb7u7\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libc6.1-dbg\", ver:\"2.13-38+deb7u7\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libc6.1-dev\", ver:\"2.13-38+deb7u7\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libc6.1-pic\", ver:\"2.13-38+deb7u7\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libc6.1-prof\", ver:\"2.13-38+deb7u7\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libc6.1-udeb\", ver:\"2.13-38+deb7u7\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libnss-dns-udeb\", ver:\"2.13-38+deb7u7\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libnss-files-udeb\", ver:\"2.13-38+deb7u7\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"locales\", ver:\"2.13-38+deb7u7\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"locales-all\", ver:\"2.13-38+deb7u7\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"multiarch-support\", ver:\"2.13-38+deb7u7\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"nscd\", ver:\"2.13-38+deb7u7\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-04-07T18:46:41", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-7817"], "description": "The remote host is missing a security patch.", "modified": "2020-04-03T00:00:00", "published": "2015-09-19T00:00:00", "id": "OPENVAS:1361412562310105372", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310105372", "type": "openvas", "title": "F5 BIG-IP - SOL16010 - GNU C Library (glibc) vulnerability CVE-2014-7817", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# F5 BIG-IP - SOL16010 - GNU C Library (glibc) vulnerability CVE-2014-7817\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/h:f5:big-ip\";\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.105372\");\n script_cve_id(\"CVE-2014-7817\");\n script_tag(name:\"cvss_base\", value:\"4.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_version(\"2020-04-03T06:15:47+0000\");\n\n script_name(\"F5 BIG-IP - SOL16010 - GNU C Library (glibc) vulnerability CVE-2014-7817\");\n\n script_xref(name:\"URL\", value:\"https://support.f5.com/kb/en-us/solutions/public/16000/000/sol16010.html\");\n\n script_tag(name:\"impact\", value:\"An attacker with local access and knowledge of how to make the glibc function trigger an exploit may be able to run arbitrary code. However, the risk level for this vulnerability is considered LOW because F5 product development has verified that the vulnerable code is NOT used in a way that would make an exploit possible.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The wordexp function in GNU C Library (aka glibc) 2.21 does not enforce the WRDE_NOCMD flag, which allows context-dependent attackers to execute arbitrary commands, as demonstrated by input containing '$((`...`))'. (CVE-2014-7817)\");\n\n script_tag(name:\"solution\", value:\"See the referenced vendor advisory for a solution.\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing a security patch.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"last_modification\", value:\"2020-04-03 06:15:47 +0000 (Fri, 03 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2015-09-19 10:38:36 +0200 (Sat, 19 Sep 2015)\");\n script_category(ACT_GATHER_INFO);\n script_family(\"F5 Local Security Checks\");\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_dependencies(\"gb_f5_big_ip_version.nasl\");\n script_mandatory_keys(\"f5/big_ip/version\", \"f5/big_ip/active_modules\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\ninclude(\"list_array_func.inc\");\ninclude(\"f5.inc\");\n\nif( ! version = get_app_version( cpe:CPE ) )\n exit( 0 );\n\ncheck_f5['LTM'] = make_array( 'affected', '11.0.0-11.6.0;10.1.0-10.2.4;',\n 'unaffected', '12.0.0;' );\n\ncheck_f5['AAM'] = make_array( 'affected', '11.4.0-11.6.0;',\n 'unaffected', '12.0.0;' );\n\ncheck_f5['AFM'] = make_array( 'affected', '11.3.0-11.6.0;',\n 'unaffected', '12.0.0;' );\n\ncheck_f5['AVR'] = make_array( 'affected', '11.0.0-11.6.0;',\n 'unaffected', '12.0.0;' );\n\ncheck_f5['APM'] = make_array( 'affected', '11.0.0-11.6.0;10.1.0-10.2.4;',\n 'unaffected', '12.0.0;' );\n\ncheck_f5['ASM'] = make_array( 'affected', '11.0.0-11.6.0;10.1.0-10.2.4;',\n 'unaffected', '12.0.0;' );\n\ncheck_f5['LC'] = make_array( 'affected', '11.0.0-11.6.0;10.1.0-10.2.4;',\n 'unaffected', '12.0.0;' );\n\ncheck_f5['PEM'] = make_array( 'affected', '11.3.0-11.6.0;',\n 'unaffected', '12.0.0;' );\n\nif( report = f5_is_vulnerable( ca:check_f5, version:version ) ) {\n security_message( port:0, data:report );\n exit( 0 );\n}\n\nexit( 99 );\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:37:02", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-6040", "CVE-2014-7817"], "description": "The remote host is missing an update for the ", "modified": "2018-11-23T00:00:00", "published": "2015-01-23T00:00:00", "id": "OPENVAS:1361412562310871301", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871301", "type": "openvas", "title": "RedHat Update for glibc RHSA-2015:0016-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for glibc RHSA-2015:0016-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871301\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-01-23 12:55:28 +0100 (Fri, 23 Jan 2015)\");\n script_cve_id(\"CVE-2014-6040\", \"CVE-2014-7817\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"RedHat Update for glibc RHSA-2015:0016-01\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'glibc'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The glibc packages provide the standard C libraries (libc), POSIX thread\nlibraries (libpthread), standard math libraries (libm), and the Name Server\nCaching Daemon (nscd) used by multiple programs on the system. Without\nthese libraries, the Linux system cannot function correctly.\n\nAn out-of-bounds read flaw was found in the way glibc's iconv() function\nconverted certain encoded data to UTF-8. An attacker able to make an\napplication call the iconv() function with a specially crafted argument\ncould use this flaw to crash that application. (CVE-2014-6040)\n\nIt was found that the wordexp() function would perform command substitution\neven when the WRDE_NOCMD flag was specified. An attacker able to provide\nspecially crafted input to an application using the wordexp() function, and\nnot sanitizing the input correctly, could potentially use this flaw to\nexecute arbitrary commands with the credentials of the user running that\napplication. (CVE-2014-7817)\n\nThe CVE-2014-7817 issue was discovered by Tim Waugh of the Red Hat\nDeveloper Experience Team.\n\nThis update also fixes the following bugs:\n\n * Previously, when an address lookup using the getaddrinfo() function for\nthe AF_UNSPEC value was performed on a defective DNS server, the server in\nsome cases responded with a valid response for the A record, but a referral\nresponse for the AAAA record, which resulted in a lookup failure. A prior\nupdate was implemented for getaddrinfo() to return the valid response, but\nit contained a typographical error, due to which the lookup could under\nsome circumstances still fail. This error has been corrected and\ngetaddrinfo() now returns a valid response in the described circumstances.\n(BZ#1172023)\n\n * An error in the dlopen() library function previously caused recursive\ncalls to dlopen() to terminate unexpectedly or to abort with a library\nassertion. This error has been fixed and recursive calls to dlopen() no\nlonger crash or abort. (BZ#1173469)\n\nAll glibc users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues.\");\n script_tag(name:\"affected\", value:\"glibc on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"RHSA\", value:\"2015:0016-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2015-January/msg00005.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_6\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"glibc\", rpm:\"glibc~2.12~1.149.el6_6.4\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-common\", rpm:\"glibc-common~2.12~1.149.el6_6.4\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-debuginfo\", rpm:\"glibc-debuginfo~2.12~1.149.el6_6.4\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-debuginfo-common\", rpm:\"glibc-debuginfo-common~2.12~1.149.el6_6.4\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-devel\", rpm:\"glibc-devel~2.12~1.149.el6_6.4\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-headers\", rpm:\"glibc-headers~2.12~1.149.el6_6.4\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-utils\", rpm:\"glibc-utils~2.12~1.149.el6_6.4\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nscd\", rpm:\"nscd~2.12~1.149.el6_6.4\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:36:21", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-6040", "CVE-2014-7817"], "description": "Oracle Linux Local Security Checks ELSA-2015-0016", "modified": "2018-09-28T00:00:00", "published": "2015-10-06T00:00:00", "id": "OPENVAS:1361412562310123206", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123206", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2015-0016", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2015-0016.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123206\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:00:43 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2015-0016\");\n script_tag(name:\"insight\", value:\"ELSA-2015-0016 - glibc security and bug fix update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2015-0016\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2015-0016.html\");\n script_cve_id(\"CVE-2014-7817\", \"CVE-2014-6040\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"glibc\", rpm:\"glibc~2.12~1.149.el6_6.4\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"glibc-common\", rpm:\"glibc-common~2.12~1.149.el6_6.4\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"glibc-devel\", rpm:\"glibc-devel~2.12~1.149.el6_6.4\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"glibc-headers\", rpm:\"glibc-headers~2.12~1.149.el6_6.4\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"glibc-static\", rpm:\"glibc-static~2.12~1.149.el6_6.4\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"glibc-utils\", rpm:\"glibc-utils~2.12~1.149.el6_6.4\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"nscd\", rpm:\"nscd~2.12~1.149.el6_6.4\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:36:22", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-6040", "CVE-2014-7817"], "description": "Check the version of glibc", "modified": "2019-03-08T00:00:00", "published": "2015-01-23T00:00:00", "id": "OPENVAS:1361412562310882090", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882090", "type": "openvas", "title": "CentOS Update for glibc CESA-2015:0016 centos6", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for glibc CESA-2015:0016 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882090\");\n script_version(\"$Revision: 14058 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-01-23 12:56:20 +0100 (Fri, 23 Jan 2015)\");\n script_cve_id(\"CVE-2014-6040\", \"CVE-2014-7817\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"CentOS Update for glibc CESA-2015:0016 centos6\");\n script_tag(name:\"summary\", value:\"Check the version of glibc\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The glibc packages provide the standard C libraries (libc), POSIX thread\nlibraries (libpthread), standard math libraries (libm), and the Name Server\nCaching Daemon (nscd) used by multiple programs on the system. Without\nthese libraries, the Linux system cannot function correctly.\n\nAn out-of-bounds read flaw was found in the way glibc's iconv() function\nconverted certain encoded data to UTF-8. An attacker able to make an\napplication call the iconv() function with a specially crafted argument\ncould use this flaw to crash that application. (CVE-2014-6040)\n\nIt was found that the wordexp() function would perform command substitution\neven when the WRDE_NOCMD flag was specified. An attacker able to provide\nspecially crafted input to an application using the wordexp() function, and\nnot sanitizing the input correctly, could potentially use this flaw to\nexecute arbitrary commands with the credentials of the user running that\napplication. (CVE-2014-7817)\n\nThe CVE-2014-7817 issue was discovered by Tim Waugh of the Red Hat\nDeveloper Experience Team.\n\nThis update also fixes the following bugs:\n\n * Previously, when an address lookup using the getaddrinfo() function for\nthe AF_UNSPEC value was performed on a defective DNS server, the server in\nsome cases responded with a valid response for the A record, but a referral\nresponse for the AAAA record, which resulted in a lookup failure. A prior\nupdate was implemented for getaddrinfo() to return the valid response, but\nit contained a typographical error, due to which the lookup could under\nsome circumstances still fail. This error has been corrected and\ngetaddrinfo() now returns a valid response in the described circumstances.\n(BZ#1172023)\n\n * An error in the dlopen() library function previously caused recursive\ncalls to dlopen() to terminate unexpectedly or to abort with a library\nassertion. This error has been fixed and recursive calls to dlopen() no\nlonger crash or abort. (BZ#1173469)\n\nAll glibc users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues.\");\n script_tag(name:\"affected\", value:\"glibc on CentOS 6\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_xref(name:\"CESA\", value:\"2015:0016\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2015-January/020863.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS6\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"glibc\", rpm:\"glibc~2.12~1.149.el6_6.4\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-common\", rpm:\"glibc-common~2.12~1.149.el6_6.4\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-devel\", rpm:\"glibc-devel~2.12~1.149.el6_6.4\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-headers\", rpm:\"glibc-headers~2.12~1.149.el6_6.4\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-static\", rpm:\"glibc-static~2.12~1.149.el6_6.4\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-utils\", rpm:\"glibc-utils~2.12~1.149.el6_6.4\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nscd\", rpm:\"nscd~2.12~1.149.el6_6.4\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-03-17T22:59:04", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-6040", "CVE-2014-7817"], "description": "The remote host is missing an update announced via the referenced Security Advisory.", "modified": "2020-03-13T00:00:00", "published": "2015-09-08T00:00:00", "id": "OPENVAS:1361412562310120455", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120455", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2015-468)", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120455\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 13:26:45 +0200 (Tue, 08 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2015-468)\");\n script_tag(name:\"insight\", value:\"An out-of-bounds read flaw was found in the way glibc's iconv() function converted certain encoded data to UTF-8. An attacker able to make an application call the iconv() function with a specially crafted argument could use this flaw to crash that application. (CVE-2014-6040 )It was found that the wordexp() function would perform command substitution even when the WRDE_NOCMD flag was specified. An attacker able to provide specially crafted input to an application using the wordexp() function, and not sanitizing the input correctly, could potentially use this flaw to execute arbitrary commands with the credentials of the user running that application. (CVE-2014-7817 )\");\n script_tag(name:\"solution\", value:\"Run yum update glibc to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2015-468.html\");\n script_cve_id(\"CVE-2014-7817\", \"CVE-2014-6040\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"glibc-common\", rpm:\"glibc-common~2.17~55.92.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"glibc-devel\", rpm:\"glibc-devel~2.17~55.92.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"glibc-debuginfo\", rpm:\"glibc-debuginfo~2.17~55.92.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"glibc-utils\", rpm:\"glibc-utils~2.17~55.92.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"glibc-debuginfo-common\", rpm:\"glibc-debuginfo-common~2.17~55.92.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nscd\", rpm:\"nscd~2.17~55.92.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"glibc-static\", rpm:\"glibc-static~2.17~55.92.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"glibc-headers\", rpm:\"glibc-headers~2.17~55.92.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"glibc\", rpm:\"glibc~2.17~55.92.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-01-31T18:37:37", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-5119", "CVE-2014-6040", "CVE-2013-4357", "CVE-2012-6656"], "description": "The remote host is missing an update for the ", "modified": "2020-01-31T00:00:00", "published": "2015-10-16T00:00:00", "id": "OPENVAS:1361412562310851101", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851101", "type": "openvas", "title": "SUSE: Security Advisory for glibc (SUSE-SU-2014:1129-1)", "sourceData": "# Copyright (C) 2015 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851101\");\n script_version(\"2020-01-31T07:58:03+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 07:58:03 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2015-10-16 20:03:09 +0200 (Fri, 16 Oct 2015)\");\n script_cve_id(\"CVE-2012-6656\", \"CVE-2013-4357\", \"CVE-2014-5119\", \"CVE-2014-6040\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"SUSE: Security Advisory for glibc (SUSE-SU-2014:1129-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'glibc'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This glibc update fixes a critical privilege escalation problem and two\n additional issues:\n\n * bnc#892073: An off-by-one error leading to a heap-based buffer\n overflow was found in __gconv_translit_find(). An exploit that\n targets the problem is publicly available. (CVE-2014-5119)\n\n * bnc#836746: Avoid race between {, __de}allocate_stack and\n __reclaim_stacks during fork.\n\n * bnc#844309: Fixed various overflows, reading large /etc/hosts or\n long names. (CVE-2013-4357)\n\n * bnc#894553, bnc#894556: Fixed various crashes on invalid input in\n IBM gconv modules. (CVE-2014-6040, CVE-2012-6656)\");\n\n script_tag(name:\"affected\", value:\"glibc on SUSE Linux Enterprise Server 11 SP2 LTSS\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"SUSE-SU\", value:\"2014:1129-1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=SLES11\\.0SP2\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"SLES11.0SP2\") {\n if(!isnull(res = isrpmvuln(pkg:\"glibc\", rpm:\"glibc~2.11.3~17.45.53.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"glibc-devel\", rpm:\"glibc-devel~2.11.3~17.45.53.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"glibc-html\", rpm:\"glibc-html~2.11.3~17.45.53.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"glibc-i18ndata\", rpm:\"glibc-i18ndata~2.11.3~17.45.53.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"glibc-info\", rpm:\"glibc-info~2.11.3~17.45.53.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"glibc-locale\", rpm:\"glibc-locale~2.11.3~17.45.53.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"glibc-profile\", rpm:\"glibc-profile~2.11.3~17.45.53.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"nscd\", rpm:\"nscd~2.11.3~17.45.53.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"glibc-32bit\", rpm:\"glibc-32bit~2.11.3~17.45.53.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"glibc-devel-32bit\", rpm:\"glibc-devel-32bit~2.11.3~17.45.53.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"glibc-locale-32bit\", rpm:\"glibc-locale-32bit~2.11.3~17.45.53.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"glibc-profile-32bit\", rpm:\"glibc-profile-32bit~2.11.3~17.45.53.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:12", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-5119", "CVE-2014-6040", "CVE-2014-7817", "CVE-2014-0475"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2015-03-05T00:00:00", "id": "OPENVAS:1361412562310869060", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869060", "type": "openvas", "title": "Fedora Update for glibc FEDORA-2015-2845", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for glibc FEDORA-2015-2845\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869060\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-03-05 05:43:08 +0100 (Thu, 05 Mar 2015)\");\n script_cve_id(\"CVE-2014-6040\", \"CVE-2014-7817\", \"CVE-2014-5119\", \"CVE-2014-0475\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for glibc FEDORA-2015-2845\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'glibc'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"glibc on Fedora 20\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2015-2845\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2015-March/150631.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC20\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC20\")\n{\n\n if ((res = isrpmvuln(pkg:\"glibc\", rpm:\"glibc~2.18~19.fc20\", rls:\"FC20\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:37:03", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-7817"], "description": "Oracle Linux Local Security Checks ELSA-2014-2023", "modified": "2018-09-28T00:00:00", "published": "2015-10-06T00:00:00", "id": "OPENVAS:1361412562310123217", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123217", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2014-2023", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2014-2023.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123217\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:00:51 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2014-2023\");\n script_tag(name:\"insight\", value:\"ELSA-2014-2023 - glibc security and bug fix update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2014-2023\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2014-2023.html\");\n script_cve_id(\"CVE-2014-7817\");\n script_tag(name:\"cvss_base\", value:\"4.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux7\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux7\")\n{\n if ((res = isrpmvuln(pkg:\"glibc\", rpm:\"glibc~2.17~55.0.4.el7_0.3\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"glibc-common\", rpm:\"glibc-common~2.17~55.0.4.el7_0.3\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"glibc-devel\", rpm:\"glibc-devel~2.17~55.0.4.el7_0.3\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"glibc-headers\", rpm:\"glibc-headers~2.17~55.0.4.el7_0.3\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"glibc-static\", rpm:\"glibc-static~2.17~55.0.4.el7_0.3\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"glibc-utils\", rpm:\"glibc-utils~2.17~55.0.4.el7_0.3\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"nscd\", rpm:\"nscd~2.17~55.0.4.el7_0.3\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}], "centos": [{"lastseen": "2019-12-20T18:28:29", "bulletinFamily": "unix", "cvelist": ["CVE-2014-6040", "CVE-2014-7817"], "description": "**CentOS Errata and Security Advisory** CESA-2015:0016\n\n\nThe glibc packages provide the standard C libraries (libc), POSIX thread\nlibraries (libpthread), standard math libraries (libm), and the Name Server\nCaching Daemon (nscd) used by multiple programs on the system. Without\nthese libraries, the Linux system cannot function correctly.\n\nAn out-of-bounds read flaw was found in the way glibc's iconv() function\nconverted certain encoded data to UTF-8. An attacker able to make an\napplication call the iconv() function with a specially crafted argument\ncould use this flaw to crash that application. (CVE-2014-6040)\n\nIt was found that the wordexp() function would perform command substitution\neven when the WRDE_NOCMD flag was specified. An attacker able to provide\nspecially crafted input to an application using the wordexp() function, and\nnot sanitizing the input correctly, could potentially use this flaw to\nexecute arbitrary commands with the credentials of the user running that\napplication. (CVE-2014-7817)\n\nThe CVE-2014-7817 issue was discovered by Tim Waugh of the Red Hat\nDeveloper Experience Team.\n\nThis update also fixes the following bugs:\n\n* Previously, when an address lookup using the getaddrinfo() function for\nthe AF_UNSPEC value was performed on a defective DNS server, the server in\nsome cases responded with a valid response for the A record, but a referral\nresponse for the AAAA record, which resulted in a lookup failure. A prior\nupdate was implemented for getaddrinfo() to return the valid response, but\nit contained a typographical error, due to which the lookup could under\nsome circumstances still fail. This error has been corrected and\ngetaddrinfo() now returns a valid response in the described circumstances.\n(BZ#1172023)\n\n* An error in the dlopen() library function previously caused recursive\ncalls to dlopen() to terminate unexpectedly or to abort with a library\nassertion. This error has been fixed and recursive calls to dlopen() no\nlonger crash or abort. (BZ#1173469)\n\nAll glibc users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2015-January/032901.html\n\n**Affected packages:**\nglibc\nglibc-common\nglibc-devel\nglibc-headers\nglibc-static\nglibc-utils\nnscd\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2015-0016.html", "edition": 3, "modified": "2015-01-07T22:45:41", "published": "2015-01-07T22:45:41", "href": "http://lists.centos.org/pipermail/centos-announce/2015-January/032901.html", "id": "CESA-2015:0016", "title": "glibc, nscd security update", "type": "centos", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-12-20T18:28:52", "bulletinFamily": "unix", "cvelist": ["CVE-2014-7817"], "description": "**CentOS Errata and Security Advisory** CESA-2014:2023\n\n\nThe glibc packages provide the standard C libraries (libc), POSIX thread\nlibraries (libpthread), standard math libraries (libm), and the Name\nServer Caching Daemon (nscd) used by multiple programs on the system.\nWithout these libraries, the Linux system cannot function correctly.\n\nIt was found that the wordexp() function would perform command substitution\neven when the WRDE_NOCMD flag was specified. An attacker able to provide\nspecially crafted input to an application using the wordexp() function, and\nnot sanitizing the input correctly, could potentially use this flaw to\nexecute arbitrary commands with the credentials of the user running that\napplication. (CVE-2014-7817)\n\nThis issue was discovered by Tim Waugh of the Red Hat Developer Experience\nTeam.\n\nThis update also fixes the following bug:\n\n* Prior to this update, if a file stream that was opened in append mode and\nits underlying file descriptor were used at the same time and the file was\ntruncated using the ftruncate() function on the file descriptor, a\nsubsequent ftell() call on the stream incorrectly modified the file offset\nby seeking to the new end of the file. This update ensures that ftell()\nmodifies the state of the file stream only when it is in append mode and\nits buffer is not empty. As a result, the described incorrect changes to\nthe file offset no longer occur. (BZ#1170187)\n\nAll glibc users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2014-December/032887.html\n\n**Affected packages:**\nglibc\nglibc-common\nglibc-devel\nglibc-headers\nglibc-static\nglibc-utils\nnscd\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2014-2023.html", "edition": 3, "modified": "2014-12-19T12:43:11", "published": "2014-12-19T12:43:11", "href": "http://lists.centos.org/pipermail/centos-announce/2014-December/032887.html", "id": "CESA-2014:2023", "title": "glibc, nscd security update", "type": "centos", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-12-20T18:25:47", "bulletinFamily": "unix", "cvelist": ["CVE-2014-6040", "CVE-2014-8121"], "description": "**CentOS Errata and Security Advisory** CESA-2015:0327\n\n\nThe glibc packages provide the standard C libraries (libc), POSIX thread\nlibraries (libpthread), standard math libraries (libm), and the Name Server\nCaching Daemon (nscd) used by multiple programs on the system. Without\nthese libraries, the Linux system cannot function correctly.\n\nAn out-of-bounds read flaw was found in the way glibc's iconv() function\nconverted certain encoded data to UTF-8. An attacker able to make an\napplication call the iconv() function with a specially crafted argument\ncould use this flaw to crash that application. (CVE-2014-6040)\n\nIt was found that the files back end of Name Service Switch (NSS) did not\nisolate iteration over an entire database from key-based look-up API calls.\nAn application performing look-ups on a database while iterating over it\ncould enter an infinite loop, leading to a denial of service.\n(CVE-2014-8121)\n\nThis update also fixes the following bugs:\n\n* Due to problems with buffer extension and reallocation, the nscd daemon\nterminated unexpectedly with a segmentation fault when processing long\nnetgroup entries. With this update, the handling of long netgroup entries\nhas been corrected and nscd no longer crashes in the described scenario.\n(BZ#1138520)\n\n* If a file opened in append mode was truncated with the ftruncate()\nfunction, a subsequent ftell() call could incorrectly modify the file\noffset. This update ensures that ftell() modifies the stream state only\nwhen it is in append mode and the buffer for the stream is not empty.\n(BZ#1156331)\n\n* A defect in the C library headers caused builds with older compilers to\ngenerate incorrect code for the btowc() function in the older compatibility C++\nstandard library. Applications calling btowc() in the compatibility C++ standard\nlibrary became unresponsive. With this update, the C library headers have been\ncorrected, and the compatibility C++ standard library shipped with Red Hat\nEnterprise Linux has been rebuilt. Applications that rely on the compatibility\nC++ standard library no longer hang when calling btowc(). (BZ#1120490)\n\n* Previously, when using netgroups and the nscd daemon was set up to cache\nnetgroup information, the sudo utility denied access to valid users. The bug in\nnscd has been fixed, and sudo now works in netgroups as\nexpected. (BZ#1080766)\n\nUsers of glibc are advised to upgrade to these updated packages, which fix these\nissues.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-cr-announce/2015-March/007756.html\n\n**Affected packages:**\nglibc\nglibc-common\nglibc-devel\nglibc-headers\nglibc-static\nglibc-utils\nnscd\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2015-0327.html", "edition": 3, "modified": "2015-03-17T13:28:04", "published": "2015-03-17T13:28:04", "href": "http://lists.centos.org/pipermail/centos-cr-announce/2015-March/007756.html", "id": "CESA-2015:0327", "title": "glibc, nscd security update", "type": "centos", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "amazon": [{"lastseen": "2020-11-10T12:36:01", "bulletinFamily": "unix", "cvelist": ["CVE-2014-6040", "CVE-2014-7817"], "description": "**Issue Overview:**\n\nAn out-of-bounds read flaw was found in the way glibc's iconv() function converted certain encoded data to UTF-8. An attacker able to make an application call the iconv() function with a specially crafted argument could use this flaw to crash that application. ([CVE-2014-6040 __](<https://access.redhat.com/security/cve/CVE-2014-6040>))\n\nIt was found that the wordexp() function would perform command substitution even when the WRDE_NOCMD flag was specified. An attacker able to provide specially crafted input to an application using the wordexp() function, and not sanitizing the input correctly, could potentially use this flaw to execute arbitrary commands with the credentials of the user running that application. ([CVE-2014-7817 __](<https://access.redhat.com/security/cve/CVE-2014-7817>))\n\n \n**Affected Packages:** \n\n\nglibc\n\n \n**Issue Correction:** \nRun _yum update glibc_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n i686: \n glibc-common-2.17-55.92.amzn1.i686 \n glibc-devel-2.17-55.92.amzn1.i686 \n glibc-debuginfo-2.17-55.92.amzn1.i686 \n glibc-utils-2.17-55.92.amzn1.i686 \n glibc-debuginfo-common-2.17-55.92.amzn1.i686 \n nscd-2.17-55.92.amzn1.i686 \n glibc-static-2.17-55.92.amzn1.i686 \n glibc-headers-2.17-55.92.amzn1.i686 \n glibc-2.17-55.92.amzn1.i686 \n \n src: \n glibc-2.17-55.92.amzn1.src \n \n x86_64: \n glibc-2.17-55.92.amzn1.x86_64 \n glibc-utils-2.17-55.92.amzn1.x86_64 \n nscd-2.17-55.92.amzn1.x86_64 \n glibc-headers-2.17-55.92.amzn1.x86_64 \n glibc-static-2.17-55.92.amzn1.x86_64 \n glibc-debuginfo-2.17-55.92.amzn1.x86_64 \n glibc-debuginfo-common-2.17-55.92.amzn1.x86_64 \n glibc-common-2.17-55.92.amzn1.x86_64 \n glibc-devel-2.17-55.92.amzn1.x86_64 \n \n \n", "edition": 4, "modified": "2015-01-08T12:38:00", "published": "2015-01-08T12:38:00", "id": "ALAS-2015-468", "href": "https://alas.aws.amazon.com/ALAS-2015-468.html", "title": "Medium: glibc", "type": "amazon", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-11-10T12:37:40", "bulletinFamily": "unix", "cvelist": ["CVE-2014-6040", "CVE-2014-8121"], "description": "**Issue Overview:**\n\nAn out-of-bounds read flaw was found in the way glibc's iconv() function converted certain encoded data to UTF-8. An attacker able to make an application call the iconv() function with a specially crafted argument could use this flaw to crash that application. ([CVE-2014-6040 __](<https://access.redhat.com/security/cve/CVE-2014-6040>))\n\nIt was found that the files back end of Name Service Switch (NSS) did not isolate iteration over an entire database from key-based look-up API calls. An application performing look-ups on a database while iterating over it could enter an infinite loop, leading to a denial of service. ([CVE-2014-8121 __](<https://access.redhat.com/security/cve/CVE-2014-8121>))\n\n \n**Affected Packages:** \n\n\nglibc\n\n \n**Issue Correction:** \nRun _yum update glibc_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n i686: \n glibc-2.17-55.139.amzn1.i686 \n glibc-common-2.17-55.139.amzn1.i686 \n glibc-static-2.17-55.139.amzn1.i686 \n glibc-devel-2.17-55.139.amzn1.i686 \n glibc-headers-2.17-55.139.amzn1.i686 \n glibc-debuginfo-common-2.17-55.139.amzn1.i686 \n glibc-debuginfo-2.17-55.139.amzn1.i686 \n glibc-utils-2.17-55.139.amzn1.i686 \n nscd-2.17-55.139.amzn1.i686 \n \n src: \n glibc-2.17-55.139.amzn1.src \n \n x86_64: \n glibc-debuginfo-2.17-55.139.amzn1.x86_64 \n glibc-devel-2.17-55.139.amzn1.x86_64 \n glibc-headers-2.17-55.139.amzn1.x86_64 \n nscd-2.17-55.139.amzn1.x86_64 \n glibc-common-2.17-55.139.amzn1.x86_64 \n glibc-2.17-55.139.amzn1.x86_64 \n glibc-static-2.17-55.139.amzn1.x86_64 \n glibc-utils-2.17-55.139.amzn1.x86_64 \n glibc-debuginfo-common-2.17-55.139.amzn1.x86_64 \n \n \n", "edition": 4, "modified": "2015-03-23T08:30:00", "published": "2015-03-23T08:30:00", "id": "ALAS-2015-495", "href": "https://alas.aws.amazon.com/ALAS-2015-495.html", "title": "Medium: glibc", "type": "amazon", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:39:41", "bulletinFamily": "unix", "cvelist": ["CVE-2014-6040", "CVE-2014-7817"], "description": "[2.12-1.149.4]\n- Fix recursive dlopen() (#1173469).\n[2.12-1.149.3]\n- Fix typo in res_send and res_query (#rh1172023).\n[2.12-1.149.2]\n- Fix crashes on invalid input in IBM gconv modules (CVE-2014-6040, #1139571).\n[2.12-1.149.1]\n- Fix wordexp() to honour WRDE_NOCMD (CVE-2014-7817, #1170121).", "edition": 4, "modified": "2015-01-07T00:00:00", "published": "2015-01-07T00:00:00", "id": "ELSA-2015-0016", "href": "http://linux.oracle.com/errata/ELSA-2015-0016.html", "title": "glibc security and bug fix update", "type": "oraclelinux", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:34:35", "bulletinFamily": "unix", "cvelist": ["CVE-2015-0235", "CVE-2014-5119", "CVE-2014-6040", "CVE-2014-8121", "CVE-2014-7817", "CVE-2014-0475"], "description": "[2.17-78.0.1]\n- Remove strstr and strcasestr implementations using sse4.2 instructions.\n- Upstream commits 584b18eb4df61ccd447db2dfe8c8a7901f8c8598 and\n 1818483b15d22016b0eae41d37ee91cc87b37510 backported.\n[2.17-78]\n- Fix ppc64le builds (#1077389).\n[2.17-77]\n- Fix parsing of numeric hosts in gethostbyname_r (CVE-2015-0235, #1183545).\n[2.17-76]\n- Fix application crashes during calls to gettimeofday on ppc64\n when kernel exports gettimeofday via VDSO (#1077389).\n- Prevent NSS-based file backend from entering infinite loop\n when different APIs request the same service (CVE-2014-8121, #1182272).\n[2.17-75]\n- Fix permission of debuginfo source files to allow multiarch\n debuginfo packages to be installed and upgraded (#1170110).\n[2.17-74]\n- Fix wordexp() to honour WRDE_NOCMD (CVE-2014-7817, #1170487).\n[2.17-73]\n- ftell: seek to end only when there are unflushed bytes (#1156331).\n[2.17-72]\n- [s390] Fix up _dl_argv after adjusting arguments in _dl_start_user (#1161666).\n[2.17-71]\n- Fix incorrect handling of relocations in 64-bit LE mode for Power\n (#1162847).\n[2.17-70]\n- [s390] Retain stack alignment when skipping over loader argv (#1161666).\n[2.17-69]\n- Use __int128_t in link.h to support older compiler (#1120490).\n[2.17-68]\n- Revert to defining __extern_inline only for gcc-4.3+ (#1120490).\n[2.17-67]\n- Correct a defect in the generated math error table in the manual (#786638).\n[2.17-66]\n- Include preliminary thread, signal and cancellation safety documentation\n in manual (#786638).\n[2.17-65]\n- PowerPC 32-bit and 64-bit optimized function support using STT_GNU_IFUNC\n (#731837).\n- Support running Intel MPX-enabled applications (#1132518).\n- Support running Intel AVX-512-enabled applications (#1140272).\n[2.17-64]\n- Fix crashes on invalid input in IBM gconv modules (#1140474, CVE-2014-6040).\n[2.17-63]\n- Build build-locale-archive statically (#1070611).\n- Return failure in getnetgrent only when all netgroups have been searched\n (#1085313).\n[2.17-62]\n- Don't use alloca in addgetnetgrentX (#1138520).\n- Adjust pointers to triplets in netgroup query data (#1138520).\n[2.17-61]\n- Set CS_PATH to just /use/bin (#1124453).\n- Add systemtap probe in lll_futex_wake for ppc and s390 (#1084089).\n[2.17-60]\n- Add mmap usage to malloc_info output (#1103856).\n- Fix nscd lookup for innetgr when netgroup has wildcards (#1080766).\n- Fix memory order when reading libgcc handle (#1103874).\n- Fix typo in nscd/selinux.c (#1125306).\n- Do not fail if one of the two responses to AF_UNSPEC fails (#1098047).\n[2.17-59]\n- Provide correct buffer length to netgroup queries in nscd (#1083647).\n- Return NULL for wildcard values in getnetgrent from nscd (#1085290).\n- Avoid overlapping addresses to stpcpy calls in nscd (#1083644).\n- Initialize all of datahead structure in nscd (#1083646).\n[2.17-58]\n- Remove gconv transliteration loadable modules support (CVE-2014-5119,\n - _nl_find_locale: Improve handling of crafted locale names (CVE-2014-0475,\n[2.17-57]\n- Merge 64-bit ARM (AArch64) support (#1027179).\n- Fix build failure for rtkaio/tst-aiod2.c and rtkaio/tst-aiod3.c.\n[2.17-56]\n- Merge LE 64-bit POWER support (#1125513).\n[2.17-55.4]\n- Fix tst-cancel4, tst-cancelx4, tst-cancel5, and tst-cancelx5 for all targets.\n- Fix tst-ildoubl, and tst-ldouble for POWER.\n- Allow LE 64-bit POWER to build with VSX if enabled (#1124048).\n[2.17-55.3]\n- Fix ppc64le ABI issue with pthread_atfork being present in libpthread.so.0.\n[2.17-55.2]\n- Add ABI baseline for 64-bit POWER LE.\n[2.17-55.1]\n- Add 64-bit POWER LE support.", "edition": 4, "modified": "2015-03-09T00:00:00", "published": "2015-03-09T00:00:00", "id": "ELSA-2015-0327", "href": "http://linux.oracle.com/errata/ELSA-2015-0327.html", "title": "glibc security and bug fix update", "type": "oraclelinux", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:34:58", "bulletinFamily": "unix", "cvelist": ["CVE-2014-5119", "CVE-2014-7817", "CVE-2014-0475"], "description": "[2.17-55.0.4.el7_0.3]\n- Remove strstr and strcasestr implementations using sse4.2 instructions.\n- Upstream commits 584b18eb4df61ccd447db2dfe8c8a7901f8c8598 and\n 1818483b15d22016b0eae41d37ee91cc87b37510 backported. (Jose E. Marchesi)\n[2.17-55.3]\n- Fix wordexp() to honour WRDE_NOCMD (CVE-2014-7817, #1170118)\n[2.17-55.2]\n- ftell: seek to end only when there are unflushed bytes (#1170187).\n[2.17-55.1]\n- Remove gconv transliteration loadable modules support (CVE-2014-5119,\n - _nl_find_locale: Improve handling of crafted locale names (CVE-2014-0475,", "edition": 4, "modified": "2014-12-18T00:00:00", "published": "2014-12-18T00:00:00", "id": "ELSA-2014-2023", "href": "http://linux.oracle.com/errata/ELSA-2014-2023.html", "title": "glibc security and bug fix update", "type": "oraclelinux", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:07", "bulletinFamily": "unix", "cvelist": ["CVE-2015-0235", "CVE-2014-5119", "CVE-2014-7817", "CVE-2014-0475"], "description": " Oracle Linux 7: \n[2.17-55.0.4.el7_0.5]\n- Remove strstr and strcasestr implementations using sse4.2 instructions.\n- Upstream commits 584b18eb4df61ccd447db2dfe8c8a7901f8c8598 and\n 1818483b15d22016b0eae41d37ee91cc87b37510 backported. (Jose E. Marchesi)\n[2.17-55.5]\n- Rebuild and run regression testing.\n[2.17-55.4]\n- Fix parsing of numeric hosts in gethostbyname_r (CVE-2015-0235, #1183535).\n[2.17-55.3]\n- Fix wordexp() to honour WRDE_NOCMD (CVE-2014-7817, #1170118)\n[2.17-55.2]\n- ftell: seek to end only when there are unflushed bytes (#1170187).\n[2.17-55.1]\n- Remove gconv transliteration loadable modules support (CVE-2014-5119,\n - _nl_find_locale: Improve handling of crafted locale names (CVE-2014-0475,\nOracle Linux 6 :\n[2.12-1.149.5]\n- Fix parsing of numeric hosts in gethostbyname_r (CVE-2015-0235, #1183533).", "edition": 4, "modified": "2015-01-27T00:00:00", "published": "2015-01-27T00:00:00", "id": "ELSA-2015-0092", "href": "http://linux.oracle.com/errata/ELSA-2015-0092.html", "title": "glibc security update", "type": "oraclelinux", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "redhat": [{"lastseen": "2019-08-13T18:45:24", "bulletinFamily": "unix", "cvelist": ["CVE-2014-6040", "CVE-2014-7817"], "description": "The glibc packages provide the standard C libraries (libc), POSIX thread\nlibraries (libpthread), standard math libraries (libm), and the Name Server\nCaching Daemon (nscd) used by multiple programs on the system. Without\nthese libraries, the Linux system cannot function correctly.\n\nAn out-of-bounds read flaw was found in the way glibc's iconv() function\nconverted certain encoded data to UTF-8. An attacker able to make an\napplication call the iconv() function with a specially crafted argument\ncould use this flaw to crash that application. (CVE-2014-6040)\n\nIt was found that the wordexp() function would perform command substitution\neven when the WRDE_NOCMD flag was specified. An attacker able to provide\nspecially crafted input to an application using the wordexp() function, and\nnot sanitizing the input correctly, could potentially use this flaw to\nexecute arbitrary commands with the credentials of the user running that\napplication. (CVE-2014-7817)\n\nThe CVE-2014-7817 issue was discovered by Tim Waugh of the Red Hat\nDeveloper Experience Team.\n\nThis update also fixes the following bugs:\n\n* Previously, when an address lookup using the getaddrinfo() function for\nthe AF_UNSPEC value was performed on a defective DNS server, the server in\nsome cases responded with a valid response for the A record, but a referral\nresponse for the AAAA record, which resulted in a lookup failure. A prior\nupdate was implemented for getaddrinfo() to return the valid response, but\nit contained a typographical error, due to which the lookup could under\nsome circumstances still fail. This error has been corrected and\ngetaddrinfo() now returns a valid response in the described circumstances.\n(BZ#1172023)\n\n* An error in the dlopen() library function previously caused recursive\ncalls to dlopen() to terminate unexpectedly or to abort with a library\nassertion. This error has been fixed and recursive calls to dlopen() no\nlonger crash or abort. (BZ#1173469)\n\nAll glibc users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues.\n", "modified": "2018-06-06T20:24:20", "published": "2015-01-07T05:00:00", "id": "RHSA-2015:0016", "href": "https://access.redhat.com/errata/RHSA-2015:0016", "type": "redhat", "title": "(RHSA-2015:0016) Moderate: glibc security and bug fix update", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-08-13T18:45:04", "bulletinFamily": "unix", "cvelist": ["CVE-2014-7817"], "description": "The glibc packages provide the standard C libraries (libc), POSIX thread\nlibraries (libpthread), standard math libraries (libm), and the Name\nServer Caching Daemon (nscd) used by multiple programs on the system.\nWithout these libraries, the Linux system cannot function correctly.\n\nIt was found that the wordexp() function would perform command substitution\neven when the WRDE_NOCMD flag was specified. An attacker able to provide\nspecially crafted input to an application using the wordexp() function, and\nnot sanitizing the input correctly, could potentially use this flaw to\nexecute arbitrary commands with the credentials of the user running that\napplication. (CVE-2014-7817)\n\nThis issue was discovered by Tim Waugh of the Red Hat Developer Experience\nTeam.\n\nThis update also fixes the following bug:\n\n* Prior to this update, if a file stream that was opened in append mode and\nits underlying file descriptor were used at the same time and the file was\ntruncated using the ftruncate() function on the file descriptor, a\nsubsequent ftell() call on the stream incorrectly modified the file offset\nby seeking to the new end of the file. This update ensures that ftell()\nmodifies the state of the file stream only when it is in append mode and\nits buffer is not empty. As a result, the described incorrect changes to\nthe file offset no longer occur. (BZ#1170187)\n\nAll glibc users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues.\n", "modified": "2018-04-12T03:32:51", "published": "2014-12-18T05:00:00", "id": "RHSA-2014:2023", "href": "https://access.redhat.com/errata/RHSA-2014:2023", "type": "redhat", "title": "(RHSA-2014:2023) Moderate: glibc security and bug fix update", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-08-13T18:47:05", "bulletinFamily": "unix", "cvelist": ["CVE-2014-6040", "CVE-2014-8121"], "description": "The glibc packages provide the standard C libraries (libc), POSIX thread\nlibraries (libpthread), standard math libraries (libm), and the Name Server\nCaching Daemon (nscd) used by multiple programs on the system. Without\nthese libraries, the Linux system cannot function correctly.\n\nAn out-of-bounds read flaw was found in the way glibc's iconv() function\nconverted certain encoded data to UTF-8. An attacker able to make an\napplication call the iconv() function with a specially crafted argument\ncould use this flaw to crash that application. (CVE-2014-6040)\n\nIt was found that the files back end of Name Service Switch (NSS) did not\nisolate iteration over an entire database from key-based look-up API calls.\nAn application performing look-ups on a database while iterating over it\ncould enter an infinite loop, leading to a denial of service.\n(CVE-2014-8121)\n\nThis update also fixes the following bugs:\n\n* Due to problems with buffer extension and reallocation, the nscd daemon\nterminated unexpectedly with a segmentation fault when processing long\nnetgroup entries. With this update, the handling of long netgroup entries\nhas been corrected and nscd no longer crashes in the described scenario.\n(BZ#1138520)\n\n* If a file opened in append mode was truncated with the ftruncate()\nfunction, a subsequent ftell() call could incorrectly modify the file\noffset. This update ensures that ftell() modifies the stream state only\nwhen it is in append mode and the buffer for the stream is not empty.\n(BZ#1156331)\n\n* A defect in the C library headers caused builds with older compilers to\ngenerate incorrect code for the btowc() function in the older compatibility C++\nstandard library. Applications calling btowc() in the compatibility C++ standard\nlibrary became unresponsive. With this update, the C library headers have been\ncorrected, and the compatibility C++ standard library shipped with Red Hat\nEnterprise Linux has been rebuilt. Applications that rely on the compatibility\nC++ standard library no longer hang when calling btowc(). (BZ#1120490)\n\n* Previously, when using netgroups and the nscd daemon was set up to cache\nnetgroup information, the sudo utility denied access to valid users. The bug in\nnscd has been fixed, and sudo now works in netgroups as\nexpected. (BZ#1080766)\n\nUsers of glibc are advised to upgrade to these updated packages, which fix these\nissues.\n", "modified": "2018-04-12T03:33:28", "published": "2015-03-05T05:00:00", "id": "RHSA-2015:0327", "href": "https://access.redhat.com/errata/RHSA-2015:0327", "type": "redhat", "title": "(RHSA-2015:0327) Moderate: glibc security and bug fix update", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:56", "bulletinFamily": "software", "cvelist": ["CVE-2014-5119", "CVE-2014-6040", "CVE-2012-6656"], "description": "Off-by-one in __gconv_translit_find().", "edition": 1, "modified": "2014-09-01T00:00:00", "published": "2014-09-01T00:00:00", "id": "SECURITYVULNS:VULN:13947", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:13947", "title": "GNU glibc buffer overflow", "type": "securityvulns", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:09:58", "bulletinFamily": "software", "cvelist": ["CVE-2014-7817"], "description": "wordexp() function code execution.", "edition": 1, "modified": "2014-11-30T00:00:00", "published": "2014-11-30T00:00:00", "id": "SECURITYVULNS:VULN:14108", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:14108", "title": "GNU glibc code execution", "type": "securityvulns", "cvss": {"score": 4.6, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:55", "bulletinFamily": "software", "cvelist": ["CVE-2014-7817"], "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n\r\n Mandriva Linux Security Advisory MDVSA-2014:232\r\n http://www.mandriva.com/en/support/security/\r\n _______________________________________________________________________\r\n\r\n Package : glibc\r\n Date : November 27, 2014\r\n Affected: Business Server 1.0\r\n _______________________________________________________________________\r\n\r\n Problem Description:\r\n\r\n Updated glibc package fixes security vulnerability:\r\n \r\n The function wordexp\(\) fails to properly handle the WRDE_NOCMD\r\n flag when processing arithmetic inputs in the form of $((... ``))\r\n where ... can be anything valid. The backticks in the arithmetic\r\n epxression are evaluated by in a shell even if WRDE_NOCMD forbade\r\n command substitution. This allows an attacker to attempt to pass\r\n dangerous commands via constructs of the above form, and bypass the\r\n WRDE_NOCMD flag. This update fixes the issue (CVE-2014-7817).\r\n _______________________________________________________________________\r\n\r\n References:\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7817\r\n http://advisories.mageia.org/MGASA-2014-0496.html\r\n _______________________________________________________________________\r\n\r\n Updated Packages:\r\n\r\n Mandriva Business Server 1/X86_64:\r\n 87ae1aa0260d5f271b8a49df1ca96c92 mbs1/x86_64/glibc-2.14.1-12.10.mbs1.x86_64.rpm\r\n fbdc85e27c41425f5f0faa17226e2fa4 mbs1/x86_64/glibc-devel-2.14.1-12.10.mbs1.x86_64.rpm\r\n 729c49b58fbb5ba6fb3ce703ec8d9353 mbs1/x86_64/glibc-doc-2.14.1-12.10.mbs1.noarch.rpm\r\n a14e93fbabc854d6d913c20c33a7b060 mbs1/x86_64/glibc-doc-pdf-2.14.1-12.10.mbs1.noarch.rpm\r\n b3f4903a52588c6b391ed234cacfc4fd mbs1/x86_64/glibc-i18ndata-2.14.1-12.10.mbs1.x86_64.rpm\r\n 1363d9159b189daaa0b4933e9d645480 mbs1/x86_64/glibc-profile-2.14.1-12.10.mbs1.x86_64.rpm\r\n 7a2f3ec56db9f916897338ce764b65ed mbs1/x86_64/glibc-static-devel-2.14.1-12.10.mbs1.x86_64.rpm\r\n 7941468822129b1034c7284a49539864 mbs1/x86_64/glibc-utils-2.14.1-12.10.mbs1.x86_64.rpm\r\n dc952727199d879d209e102c2b938c3b mbs1/x86_64/nscd-2.14.1-12.10.mbs1.x86_64.rpm \r\n 5e1ca0b6bd6d1b095459d6e9de32e663 mbs1/SRPMS/glibc-2.14.1-12.10.mbs1.src.rpm\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/en/support/security/advisories/\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_(at)_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n <security*mandriva.com>\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.12 (GNU/Linux)\r\n\r\niD8DBQFUdvdRmqjQ0CJFipgRArw8AJwNC712ClfzCbT7gqXDVCtml2JSQwCgzLFa\r\nrkKj1OpuF/CX1tRhPAYXRHw=\r\n=8D8z\r\n-----END PGP SIGNATURE-----\r\n\r\n", "edition": 1, "modified": "2014-11-30T00:00:00", "published": "2014-11-30T00:00:00", "id": "SECURITYVULNS:DOC:31404", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:31404", "title": "[ MDVSA-2014:232 ] glibc", "type": "securityvulns", "cvss": {"score": 4.6, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "fedora": [{"lastseen": "2020-12-21T08:17:52", "bulletinFamily": "unix", "cvelist": ["CVE-2014-5119", "CVE-2014-6040", "CVE-2014-7817"], "description": "The glibc package contains standard libraries which are used by multiple programs on the system. In order to save disk space and memory, as well as to make upgrading easier, common system code is kept in one place and shared between programs. This particular package contains the most important sets of shared libraries: the standard C library and the standard math library. Without these two libraries, a Linux system will not function. ", "modified": "2015-03-04T10:25:31", "published": "2015-03-04T10:25:31", "id": "FEDORA:D6230604AFE5", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 20 Update: glibc-2.18-19.fc20", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:52", "bulletinFamily": "unix", "cvelist": ["CVE-2014-7817", "CVE-2014-9402", "CVE-2015-1472"], "description": "The glibc package contains standard libraries which are used by multiple programs on the system. In order to save disk space and memory, as well as to make upgrading easier, common system code is kept in one place and shared between programs. This particular package contains the most important sets of shared libraries: the standard C library and the standard math library. Without these two libraries, a Linux system will not function. ", "modified": "2015-03-04T10:27:01", "published": "2015-03-04T10:27:01", "id": "FEDORA:B3F8860918D2", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 21 Update: glibc-2.20-8.fc21", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "suse": [{"lastseen": "2016-09-04T12:14:55", "bulletinFamily": "unix", "cvelist": ["CVE-2014-5119", "CVE-2014-6040", "CVE-2013-4357", "CVE-2012-6656"], "description": "This glibc update fixes a critical privilege escalation problem and two\n additional issues:\n\n * bnc#892073: An off-by-one error leading to a heap-based buffer\n overflow was found in __gconv_translit_find(). An exploit that\n targets the problem is publicly available. (CVE-2014-5119)\n * bnc#836746: Avoid race between {, __de}allocate_stack and\n __reclaim_stacks during fork.\n * bnc#844309: Fixed various overflows, reading large /etc/hosts or\n long names. (CVE-2013-4357)\n * bnc#894553, bnc#894556: Fixed various crashes on invalid input in\n IBM gconv modules. (CVE-2014-6040, CVE-2012-6656)\n\n Security Issues:\n\n * CVE-2012-6656\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6656\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6656</a>>\n * CVE-2013-4357\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4357\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4357</a>>\n * CVE-2014-5119\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5119\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5119</a>>\n * CVE-2014-6040\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6040\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6040</a>>\n\n", "edition": 1, "modified": "2014-09-15T19:06:41", "published": "2014-09-15T19:06:41", "id": "SUSE-SU-2014:1129-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00020.html", "type": "suse", "title": "Security update for glibc (important)", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-04T11:57:20", "bulletinFamily": "unix", "cvelist": ["CVE-2013-0242", "CVE-2014-5119", "CVE-2014-4043", "CVE-2014-6040", "CVE-2012-4412", "CVE-2013-4332", "CVE-2012-6656", "CVE-2013-4237"], "description": "This glibc update fixes a critical privilege escalation problem and the\n following security and non-security issues:\n\n * bnc#892073: An off-by-one error leading to a heap-based buffer\n overflow was found in __gconv_translit_find(). An exploit that\n targets the problem is publicly available. (CVE-2014-5119)\n * bnc#882600: Copy filename argument in\n posix_spawn_file_actions_addopen. (CVE-2014-4043)\n * bnc#860501: Use O_LARGEFILE for utmp file.\n * bnc#842291: Fix typo in glibc-2.5-dlopen-lookup-race.diff.\n * bnc#839870: Fix integer overflows in malloc. (CVE-2013-4332)\n * bnc#834594: Fix readdir_r with long file names. (CVE-2013-4237)\n * bnc#824639: Drop lock before calling malloc_printerr.\n * bnc#801246: Fix buffer overrun in regexp matcher. (CVE-2013-0242)\n * bnc#779320: Fix buffer overflow in strcoll. (CVE-2012-4412)\n * bnc#894556 / bnc#894553: Fix crashes on invalid input in IBM gconv\n modules. (CVE-2014-6040, CVE-2012-6656, bnc#894553, bnc#894556,\n BZ#17325, BZ#14134)\n\n Security Issues:\n\n * CVE-2014-5119\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5119\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5119</a>>\n * CVE-2014-4043\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4043\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4043</a>>\n * CVE-2013-4332\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4332\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4332</a>>\n * CVE-2013-4237\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4237\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4237</a>>\n * CVE-2013-0242\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0242\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0242</a>>\n * CVE-2012-4412\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4412\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4412</a>>\n\n\n", "edition": 1, "modified": "2014-09-15T19:04:18", "published": "2014-09-15T19:04:18", "id": "SUSE-SU-2014:1128-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00019.html", "title": "Security update for glibc (important)", "type": "suse", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-04T11:17:43", "bulletinFamily": "unix", "cvelist": ["CVE-2014-5119", "CVE-2014-6040", "CVE-2014-0475"], "description": "glibc was updated to fix three security issues:\n\n - A directory traversal in locale environment handling was fixed\n (CVE-2014-0475, bnc#887022, GLIBC BZ #17137)\n\n - Disable gconv transliteration module loading which could be used for\n code execution (CVE-2014-5119, bnc#892073, GLIBC BZ #17187)\n\n - Fix crashes on invalid input in IBM gconv modules (CVE-2014-6040,\n bnc#894553, BZ #17325)\n\n", "edition": 1, "modified": "2014-09-11T09:04:39", "published": "2014-09-11T09:04:39", "id": "OPENSUSE-SU-2014:1115-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00009.html", "type": "suse", "title": "glibc (important)", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "archlinux": [{"lastseen": "2016-09-02T18:44:46", "bulletinFamily": "unix", "cvelist": ["CVE-2014-7817"], "description": "The wordexp function could ignore the WRDE_NOCMD flag under certain\ninput conditions resulting in the execution of a shell for command\nsubstitution when the application did not request it. The implementation\nnow checks WRDE_NOCMD immediately before executing the shell and returns\nthe error WRDE_CMDSUB as expected.", "modified": "2014-11-21T00:00:00", "published": "2014-11-21T00:00:00", "id": "ASA-201411-27", "href": "https://lists.archlinux.org/pipermail/arch-security/2014-November/000152.html", "type": "archlinux", "title": "glibc: command execution", "cvss": {"score": 4.6, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:03", "bulletinFamily": "unix", "cvelist": ["CVE-2015-8776", "CVE-2014-5119", "CVE-2014-6040", "CVE-2014-9402", "CVE-2014-8121", "CVE-2015-8779", "CVE-2015-8778", "CVE-2014-7817", "CVE-2015-1472", "CVE-2015-1781", "CVE-2013-7423", "CVE-2014-0475", "CVE-2015-7547"], "description": "### Background\n\nThe GNU C library is the standard C library used by Gentoo Linux systems. \n\n### Description\n\nMultiple vulnerabilities have been discovered in the GNU C Library:\n\n * The Google Security Team and Red Hat discovered a stack-based buffer overflow in the send_dg() and send_vc() functions due to a buffer mismanagement when getaddrinfo() is called with AF_UNSPEC (CVE-2015-7547). \n * The strftime() function access invalid memory when passed out-of-range data, resulting in a crash (CVE-2015-8776). \n * An integer overflow was found in the __hcreate_r() function (CVE-2015-8778). \n * Multiple unbounded stack allocations were found in the catopen() function (CVE-2015-8779). \n\nPlease review the CVEs referenced below for additional vulnerabilities that had already been fixed in previous versions of sys-libs/glibc, for which we have not issued a GLSA before. \n\n### Impact\n\nA remote attacker could exploit any application which performs host name resolution using getaddrinfo() in order to execute arbitrary code or crash the application. The other vulnerabilities can possibly be exploited to cause a Denial of Service or leak information. \n\n### Workaround\n\nA number of mitigating factors for CVE-2015-7547 have been identified. Please review the upstream advisory and references below. \n\n### Resolution\n\nAll GNU C Library users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=sys-libs/glibc-2.21-r2\"\n \n\nIt is important to ensure that no running process uses the old glibc anymore. The easiest way to achieve that is by rebooting the machine after updating the sys-libs/glibc package. \n\nNote: Should you run into compilation failures while updating, please see bug 574948.", "edition": 1, "modified": "2016-02-17T00:00:00", "published": "2016-02-17T00:00:00", "id": "GLSA-201602-02", "href": "https://security.gentoo.org/glsa/201602-02", "type": "gentoo", "title": "GNU C Library: Multiple vulnerabilities", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2016-09-06T19:46:22", "bulletinFamily": "unix", "cvelist": ["CVE-2015-0235", "CVE-2013-0242", "CVE-2014-4043", "CVE-2012-3404", "CVE-2013-4788", "CVE-2012-3405", "CVE-2012-4412", "CVE-2012-4424", "CVE-2013-4332", "CVE-2012-3480", "CVE-2013-2207", "CVE-2013-1914", "CVE-2012-6656", "CVE-2013-4458", "CVE-2013-4237", "CVE-2012-3406"], "edition": 1, "description": "### Background\n\nThe GNU C library is the standard C library used by Gentoo Linux systems. \n\n### Description\n\nMultiple vulnerabilities have been discovered in the GNU C Library. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA local attacker may be able to execute arbitrary code or cause a Denial of Service condition,. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll glibc users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=sys-libs/glibc-2.19-r1\"", "modified": "2015-03-08T00:00:00", "published": "2015-03-08T00:00:00", "id": "GLSA-201503-04", "href": "https://security.gentoo.org/glsa/201503-04", "type": "gentoo", "title": "GNU C Library: Multiple vulnerabilities", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "slackware": [{"lastseen": "2020-10-25T16:36:04", "bulletinFamily": "unix", "cvelist": ["CVE-2012-4412", "CVE-2012-4424", "CVE-2013-4237", "CVE-2013-4458", "CVE-2013-4788", "CVE-2014-0475", "CVE-2014-4043", "CVE-2014-5119", "CVE-2014-6040"], "description": "New glibc packages are available for Slackware 14.1 and -current to fix\nsecurity issues.\n\n\nHere are the details from the Slackware 14.1 ChangeLog:\n\npatches/packages/glibc-2.17-i486-8_slack14.1.txz: Rebuilt.\n This update fixes several security issues, and adds an extra security\n hardening patch from Florian Weimer. Thanks to mancha for help with\n tracking and backporting patches.\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4424\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4412\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4237\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4788\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4458\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4043\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0475\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5119\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6040\n (* Security fix *)\npatches/packages/glibc-i18n-2.17-i486-8_slack14.1.txz: Rebuilt.\npatches/packages/glibc-profile-2.17-i486-8_slack14.1.txz: Rebuilt.\npatches/packages/glibc-solibs-2.17-i486-8_slack14.1.txz: Rebuilt.\npatches/packages/glibc-zoneinfo-2014i-noarch-1_slack14.1.txz: Upgraded.\n Upgraded to tzcode2014i and tzdata2014i.\n\nWhere to find the new packages:\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated packages for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/glibc-2.17-i486-8_slack14.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/glibc-i18n-2.17-i486-8_slack14.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/glibc-profile-2.17-i486-8_slack14.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/glibc-solibs-2.17-i486-8_slack14.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/glibc-zoneinfo-2014i-noarch-1_slack14.1.txz\n\nUpdated packages for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/glibc-2.17-x86_64-8_slack14.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/glibc-i18n-2.17-x86_64-8_slack14.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/glibc-profile-2.17-x86_64-8_slack14.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/glibc-solibs-2.17-x86_64-8_slack14.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/glibc-zoneinfo-2014i-noarch-1_slack14.1.txz\n\nUpdated packages for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/glibc-solibs-2.20-i486-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/glibc-zoneinfo-2014i-noarch-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/glibc-2.20-i486-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/glibc-i18n-2.20-i486-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/glibc-profile-2.20-i486-1.txz\n\nUpdated packages for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/glibc-solibs-2.20-x86_64-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/glibc-zoneinfo-2014i-noarch-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/l/glibc-2.20-x86_64-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/l/glibc-i18n-2.20-x86_64-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/l/glibc-profile-2.20-x86_64-1.txz\n\n\nMD5 signatures:\n\nSlackware 14.1 packages:\n8995409d8ed617125649aaab14299f61 glibc-2.17-i486-8_slack14.1.txz\n877bba4ad31eb68c7e7cce11f6aafd5b glibc-i18n-2.17-i486-8_slack14.1.txz\nf89a9319a1798771b26488e99f0dd1af glibc-profile-2.17-i486-8_slack14.1.txz\nd1756f2721cbb2955152c46ef5fab72e glibc-solibs-2.17-i486-8_slack14.1.txz\nc7080f6d7f309ba2905dacfa555a8115 glibc-zoneinfo-2014i-noarch-1_slack14.1.txz\n\nSlackware x86_64 14.1 packages:\n32904ee5d2a3177d621c4c6f2aa6e67f glibc-2.17-x86_64-8_slack14.1.txz\n1bb4ddd6d4043d632e78dbf3103f2f7c glibc-i18n-2.17-x86_64-8_slack14.1.txz\ne6914d464f57ea493502eea4dd40044a glibc-profile-2.17-x86_64-8_slack14.1.txz\n04562128e188daaad7fdab49756a22f2 glibc-solibs-2.17-x86_64-8_slack14.1.txz\nc7080f6d7f309ba2905dacfa555a8115 glibc-zoneinfo-2014i-noarch-1_slack14.1.txz\n\nSlackware -current packages:\nf547fe51634c852ae17cb1f6c39203e1 a/glibc-solibs-2.20-i486-1.txz\nc7080f6d7f309ba2905dacfa555a8115 a/glibc-zoneinfo-2014i-noarch-1.txz\nf9923d8006a3c03520e93608114cb7de l/glibc-2.20-i486-1.txz\n658301364b68e79d53acb607cd399504 l/glibc-i18n-2.20-i486-1.txz\nd03947abf3d4be41f7bfb0a71bd29f35 l/glibc-profile-2.20-i486-1.txz\n\nSlackware x86_64 -current packages:\na0f46b305c27dd0c80e65cc77254bdf2 a/glibc-solibs-2.20-x86_64-1.txz\nc7080f6d7f309ba2905dacfa555a8115 a/glibc-zoneinfo-2014i-noarch-1.txz\nd673acf56308355713ac67ae68e6bd2b l/glibc-2.20-x86_64-1.txz\n410918dc8bf5b7a84d1bed5b6e125ee3 l/glibc-i18n-2.20-x86_64-1.txz\nc023f4514cd0a672e4852986c74268e6 l/glibc-profile-2.20-x86_64-1.txz\n\n\nInstallation instructions:\n\nUpgrade the packages as root:\n > upgradepkg glibc-*.txz", "modified": "2014-10-24T05:36:04", "published": "2014-10-24T05:36:04", "id": "SSA-2014-296-01", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2014&m=slackware-security.647059", "type": "slackware", "title": "[slackware-security] glibc", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "oracle": [{"lastseen": "2019-07-16T19:58:51", "bulletinFamily": "software", "cvelist": ["CVE-2018-2654", "CVE-2018-2731", "CVE-2018-2691", "CVE-2018-2617", "CVE-2018-2618", "CVE-2018-2722", "CVE-2016-2518", "CVE-2018-2687", "CVE-2018-2653", "CVE-2018-2723", "CVE-2017-9798", "CVE-2018-2679", "CVE-2018-2560", "CVE-2018-2659", "CVE-2018-2565", "CVE-2018-2626", "CVE-2017-5753", "CVE-2018-2561", "CVE-2017-5754", "CVE-2018-2583", "CVE-2018-2661", "CVE-2018-2589", "CVE-2016-5385", "CVE-2018-2656", "CVE-2018-2620", "CVE-2018-2623", "CVE-2017-13079", "CVE-2018-2566", "CVE-2018-2625", "CVE-2018-2650", "CVE-2017-13080", "CVE-2016-6306", "CVE-2018-2733", "CVE-2018-2582", "CVE-2016-2183", "CVE-2018-2717", "CVE-2018-2681", "CVE-2018-2728", "CVE-2018-2708", "CVE-2018-2663", "CVE-2018-2606", "CVE-2018-2709", "CVE-2016-7977", "CVE-2016-2178", "CVE-2018-2672", "CVE-2018-2646", "CVE-2018-2578", "CVE-2016-9878", "CVE-2017-3735", "CVE-2017-10273", "CVE-2015-3195", "CVE-2018-2567", "CVE-2017-0781", "CVE-2018-2586", "CVE-2018-2624", "CVE-2018-2632", "CVE-2018-2570", "CVE-2018-2669", "CVE-2018-2707", "CVE-2018-2635", "CVE-2018-2716", "CVE-2016-6302", "CVE-2018-2633", "CVE-2017-13082", "CVE-2018-2644", "CVE-2018-2696", "CVE-2018-2562", "CVE-2018-2724", "CVE-2016-2177", "CVE-2018-2639", "CVE-2014-9402", "CVE-2018-2698", "CVE-2018-2726", "CVE-2018-2638", "CVE-2016-0635", "CVE-2016-2105", "CVE-2018-2693", "CVE-2018-2590", "CVE-2018-2732", "CVE-2018-2636", "CVE-2016-2107", "CVE-2016-7055", "CVE-2018-2727", "CVE-2018-2637", "CVE-2018-2649", "CVE-2015-7501", "CVE-2018-2706", "CVE-2018-2673", "CVE-2018-2677", "CVE-2015-3253", "CVE-2018-2605", "CVE-2017-3731", "CVE-2018-2703", "CVE-2018-2721", "CVE-2017-0785", "CVE-2017-3737", "CVE-2018-2692", "CVE-2018-2571", "CVE-2018-2607", "CVE-2017-9072", "CVE-2018-2690", "CVE-2018-2725", "CVE-2018-2609", "CVE-2018-2630", "CVE-2016-1182", "CVE-2018-2711", "CVE-2017-10301", "CVE-2018-2710", "CVE-2018-2604", "CVE-2018-2612", "CVE-2018-2600", "CVE-2017-13078", "CVE-2018-2664", "CVE-2016-2180", "CVE-2018-2676", "CVE-2015-2808", "CVE-2018-2619", "CVE-2018-2574", "CVE-2018-2581", "CVE-2018-2603", "CVE-2018-2682", "CVE-2017-5715", "CVE-2016-2109", "CVE-2018-2701", "CVE-2016-2181", "CVE-2018-2593", "CVE-2016-6304", "CVE-2016-4449", "CVE-2017-0783", "CVE-2014-0114", "CVE-2017-3732", "CVE-2018-2599", "CVE-2018-2643", "CVE-2018-2666", "CVE-2018-2688", "CVE-2015-0293", "CVE-2018-2662", "CVE-2018-2601", "CVE-2018-2667", "CVE-2018-2668", "CVE-2018-2729", "CVE-2017-10352", "CVE-2016-2550", "CVE-2018-2564", "CVE-2018-2610", "CVE-2018-2660", "CVE-2018-2577", "CVE-2018-2569", "CVE-2018-2658", "CVE-2016-7052", "CVE-2018-2640", "CVE-2018-2613", "CVE-2018-2596", "CVE-2018-2705", "CVE-2017-10282", "CVE-2007-6750", "CVE-2018-2714", "CVE-2018-2674", "CVE-2018-2730", "CVE-2018-2647", "CVE-2018-2584", "CVE-2018-2641", "CVE-2014-7817", "CVE-2017-5664", "CVE-2018-2629", "CVE-2018-2585", "CVE-2016-0800", "CVE-2018-2615", "CVE-2018-2685", "CVE-2018-2699", "CVE-2018-2597", "CVE-2018-2616", "CVE-2018-2697", "CVE-2016-1181", "CVE-2018-2621", "CVE-2018-2627", "CVE-2018-2720", "CVE-2017-10262", "CVE-2018-2588", "CVE-2013-2566", "CVE-2016-8735", "CVE-2018-2648", "CVE-2018-2594", "CVE-2017-3738", "CVE-2018-2634", "CVE-2018-2602", "CVE-2016-0704", "CVE-2016-6303", "CVE-2018-2670", "CVE-2016-5387", "CVE-2018-2591", "CVE-2017-13081", "CVE-2018-2645", "CVE-2018-2655", "CVE-2017-5645", "CVE-2016-2182", "CVE-2018-2651", "CVE-2018-2608", "CVE-2018-2592", "CVE-2018-2712", "CVE-2018-2665", "CVE-2018-2652", "CVE-2017-12617", "CVE-2018-2657", "CVE-2016-0703", "CVE-2018-2700", "CVE-2015-1472", "CVE-2017-5461", "CVE-2018-2675", "CVE-2018-2671", "CVE-2018-2575", "CVE-2018-2684", "CVE-2015-7940", "CVE-2018-2580", "CVE-2017-3736", "CVE-2018-2704", "CVE-2018-2642", "CVE-2017-13077", "CVE-2018-2702", "CVE-2018-2713", "CVE-2018-2678", "CVE-2018-2622", "CVE-2018-2573", "CVE-2018-2715", "CVE-2018-2595", "CVE-2018-2579", "CVE-2016-2179", "CVE-2017-10068", "CVE-2018-2568", "CVE-2016-2106", "CVE-2018-2576", "CVE-2016-6814", "CVE-2015-7547", "CVE-2018-2614", "CVE-2018-2686", "CVE-2018-2631", "CVE-2015-4852", "CVE-2018-2694", "CVE-2018-2689", "CVE-2018-2719", "CVE-2017-0782", "CVE-2018-2611", "CVE-2018-2683", "CVE-2018-2680", "CVE-2018-2695"], "description": "A Critical Patch Update is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security fixes. Please refer to:\n\n[Critical Patch Updates and Security Alerts](<http://www.oracle.com/technetwork/topics/security/alerts-086861.html>) for information about Oracle Security Advisories.\n\nThe January 2018 Critical Patch Update provides fixes for certain Oracle products for the Spectre (CVE-2017-5753, CVE-2017-5715) and Meltdown (CVE-2017-5754) Intel processor vulnerabilities. Please refer to this Advisory and the [Addendum to the January 2018 Critical Patch Update Advisory for Spectre and Meltdown](<https://support.oracle.com/rs?type=doc&id=2347948.1>) MOS note (Doc ID 2347948.1).\n\n**Oracle continues to periodically receive reports of attempts to maliciously exploit vulnerabilities for which Oracle has already released fixes. In some instances it has been reported that attackers have been successful because targeted customers had failed to apply available Oracle patches. Oracle therefore strongly recommends that customers remain on actively-supported versions and apply Critical Patch Update fixes without delay.**\n\nThis Critical Patch Update contains 238 new security fixes across the product families listed below. Please note that a MOS note summarizing the content of this Critical Patch Update and other Oracle Software Security Assurance activities is located at [ January 2018 Critical Patch Update: Executive Summary and Analysis](<https://support.oracle.com/rs?type=doc&id=2338411.1>).\n", "modified": "2018-03-20T00:00:00", "published": "2018-01-16T00:00:00", "id": "ORACLE:CPUJAN2018-3236628", "href": "", "type": "oracle", "title": "Oracle Critical Patch Update - January 2018", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-10-04T21:15:55", "bulletinFamily": "software", "cvelist": ["CVE-2007-6750", "CVE-2013-2566", "CVE-2014-0114", "CVE-2014-7817", "CVE-2014-9402", "CVE-2015-0293", "CVE-2015-1472", "CVE-2015-2808", "CVE-2015-3195", "CVE-2015-3253", "CVE-2015-4852", "CVE-2015-7501", "CVE-2015-7547", "CVE-2015-7940", "CVE-2016-0635", "CVE-2016-0703", "CVE-2016-0704", "CVE-2016-0800", "CVE-2016-1181", "CVE-2016-1182", "CVE-2016-2105", "CVE-2016-2106", "CVE-2016-2107", "CVE-2016-2109", "CVE-2016-2177", "CVE-2016-2178", "CVE-2016-2179", "CVE-2016-2180", "CVE-2016-2181", "CVE-2016-2182", "CVE-2016-2183", "CVE-2016-2518", "CVE-2016-2550", "CVE-2016-4449", "CVE-2016-5385", "CVE-2016-5387", "CVE-2016-6302", "CVE-2016-6303", "CVE-2016-6304", "CVE-2016-6306", "CVE-2016-6814", "CVE-2016-7052", "CVE-2016-7055", "CVE-2016-7977", "CVE-2016-8735", "CVE-2016-9878", "CVE-2017-0781", "CVE-2017-0782", "CVE-2017-0783", "CVE-2017-0785", "CVE-2017-10068", "CVE-2017-10262", "CVE-2017-10273", "CVE-2017-10282", "CVE-2017-10301", "CVE-2017-10352", "CVE-2017-12617", "CVE-2017-13077", "CVE-2017-13078", "CVE-2017-13079", "CVE-2017-13080", "CVE-2017-13081", "CVE-2017-13082", "CVE-2017-3731", "CVE-2017-3732", "CVE-2017-3735", "CVE-2017-3736", "CVE-2017-3737", "CVE-2017-3738", "CVE-2017-5461", "CVE-2017-5645", "CVE-2017-5664", "CVE-2017-5715", "CVE-2017-5753", "CVE-2017-5754", "CVE-2017-9072", "CVE-2017-9798", "CVE-2018-2560", "CVE-2018-2561", "CVE-2018-2562", "CVE-2018-2564", "CVE-2018-2565", "CVE-2018-2566", "CVE-2018-2567", "CVE-2018-2568", "CVE-2018-2569", "CVE-2018-2570", "CVE-2018-2571", "CVE-2018-2573", "CVE-2018-2574", "CVE-2018-2575", "CVE-2018-2576", "CVE-2018-2577", "CVE-2018-2578", "CVE-2018-2579", "CVE-2018-2580", "CVE-2018-2581", "CVE-2018-2582", "CVE-2018-2583", "CVE-2018-2584", "CVE-2018-2585", "CVE-2018-2586", "CVE-2018-2588", "CVE-2018-2589", "CVE-2018-2590", "CVE-2018-2591", "CVE-2018-2592", "CVE-2018-2593", "CVE-2018-2594", "CVE-2018-2595", "CVE-2018-2596", "CVE-2018-2597", "CVE-2018-2599", "CVE-2018-2600", "CVE-2018-2601", "CVE-2018-2602", "CVE-2018-2603", "CVE-2018-2604", "CVE-2018-2605", "CVE-2018-2606", "CVE-2018-2607", "CVE-2018-2608", "CVE-2018-2609", "CVE-2018-2610", "CVE-2018-2611", "CVE-2018-2612", "CVE-2018-2613", "CVE-2018-2614", "CVE-2018-2615", "CVE-2018-2616", "CVE-2018-2617", "CVE-2018-2618", "CVE-2018-2619", "CVE-2018-2620", "CVE-2018-2621", "CVE-2018-2622", "CVE-2018-2623", "CVE-2018-2624", "CVE-2018-2625", "CVE-2018-2626", "CVE-2018-2627", "CVE-2018-2629", "CVE-2018-2630", "CVE-2018-2631", "CVE-2018-2632", "CVE-2018-2633", "CVE-2018-2634", "CVE-2018-2635", "CVE-2018-2636", "CVE-2018-2637", "CVE-2018-2638", "CVE-2018-2639", "CVE-2018-2640", "CVE-2018-2641", "CVE-2018-2642", "CVE-2018-2643", "CVE-2018-2644", "CVE-2018-2645", "CVE-2018-2646", "CVE-2018-2647", "CVE-2018-2648", "CVE-2018-2649", "CVE-2018-2650", "CVE-2018-2651", "CVE-2018-2652", "CVE-2018-2653", "CVE-2018-2654", "CVE-2018-2655", "CVE-2018-2656", "CVE-2018-2657", "CVE-2018-2658", "CVE-2018-2659", "CVE-2018-2660", "CVE-2018-2661", "CVE-2018-2662", "CVE-2018-2663", "CVE-2018-2664", "CVE-2018-2665", "CVE-2018-2666", "CVE-2018-2667", "CVE-2018-2668", "CVE-2018-2669", "CVE-2018-2670", "CVE-2018-2671", "CVE-2018-2672", "CVE-2018-2673", "CVE-2018-2674", "CVE-2018-2675", "CVE-2018-2676", "CVE-2018-2677", "CVE-2018-2678", "CVE-2018-2679", "CVE-2018-2680", "CVE-2018-2681", "CVE-2018-2682", "CVE-2018-2683", "CVE-2018-2684", "CVE-2018-2685", "CVE-2018-2686", "CVE-2018-2687", "CVE-2018-2688", "CVE-2018-2689", "CVE-2018-2690", "CVE-2018-2691", "CVE-2018-2692", "CVE-2018-2693", "CVE-2018-2694", "CVE-2018-2695", "CVE-2018-2696", "CVE-2018-2697", "CVE-2018-2698", "CVE-2018-2699", "CVE-2018-2700", "CVE-2018-2701", "CVE-2018-2702", "CVE-2018-2703", "CVE-2018-2704", "CVE-2018-2705", "CVE-2018-2706", "CVE-2018-2707", "CVE-2018-2708", "CVE-2018-2709", "CVE-2018-2710", "CVE-2018-2711", "CVE-2018-2712", "CVE-2018-2713", "CVE-2018-2714", "CVE-2018-2715", "CVE-2018-2716", "CVE-2018-2717", "CVE-2018-2719", "CVE-2018-2720", "CVE-2018-2721", "CVE-2018-2722", "CVE-2018-2723", "CVE-2018-2724", "CVE-2018-2725", "CVE-2018-2726", "CVE-2018-2727", "CVE-2018-2728", "CVE-2018-2729", "CVE-2018-2730", "CVE-2018-2731", "CVE-2018-2732", "CVE-2018-2733"], "description": "A Critical Patch Update is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security fixes. Please refer to:\n\nCritical Patch Updates and Security Alerts for information about Oracle Security Advisories.\n\nThe January 2018 Critical Patch Update provides fixes for certain Oracle products for the Spectre (CVE-2017-5753, CVE-2017-5715) and Meltdown (CVE-2017-5754) Intel processor vulnerabilities. Please refer to this Advisory and the [Addendum to the January 2018 Critical Patch Update Advisory for Spectre and Meltdown](<https://support.oracle.com/epmos/faces/DocumentDisplay?id=2347948.1>) MOS note (Doc ID 2347948.1).\n\n**Oracle continues to periodically receive reports of attempts to maliciously exploit vulnerabilities for which Oracle has already released fixes. In some instances it has been reported that attackers have been successful because targeted customers had failed to apply available Oracle patches. Oracle therefore strongly recommends that customers remain on actively-supported versions and apply Critical Patch Update fixes without delay.**\n\nThis Critical Patch Update contains 238 new security fixes across the product families listed below. Please note that a MOS note summarizing the content of this Critical Patch Update and other Oracle Software Security Assurance activities is located at [January 2018 Critical Patch Update: Executive Summary and Analysis.](<https://support.oracle.com/epmos/faces/DocumentDisplay?id=2338411.1>)\n", "modified": "2018-03-20T00:00:00", "published": "2018-01-16T00:00:00", "id": "ORACLE:CPUJAN2018", "href": "", "type": "oracle", "title": "Oracle Critical Patch Update - January 2018", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-10-04T21:15:56", "bulletinFamily": "software", "cvelist": ["CVE-2012-1007", "CVE-2014-0014", "CVE-2014-0114", "CVE-2014-3490", "CVE-2014-7817", "CVE-2015-0235", "CVE-2015-0252", "CVE-2015-3144", "CVE-2015-3145", "CVE-2015-3153", "CVE-2015-3236", "CVE-2015-3237", "CVE-2015-6937", "CVE-2015-7501", "CVE-2015-7990", "CVE-2015-9251", "CVE-2016-0635", "CVE-2016-0729", "CVE-2016-0755", "CVE-2016-1000031", "CVE-2016-1181", "CVE-2016-1182", "CVE-2016-2107", "CVE-2016-3739", "CVE-2016-4000", "CVE-2016-5019", "CVE-2016-5080", "CVE-2016-5244", "CVE-2016-5419", "CVE-2016-5420", "CVE-2016-5421", "CVE-2016-6814", "CVE-2016-7141", "CVE-2016-7167", "CVE-2016-8615", "CVE-2016-8616", "CVE-2016-8617", "CVE-2016-8618", "CVE-2016-8619", "CVE-2016-8620", "CVE-2016-8621", "CVE-2016-8622", "CVE-2016-8623", "CVE-2016-8624", "CVE-2016-9586", "CVE-2016-9840", "CVE-2016-9841", "CVE-2016-9842", "CVE-2016-9843", "CVE-2017-14735", "CVE-2017-15095", "CVE-2017-3735", "CVE-2017-3736", "CVE-2017-3738", "CVE-2017-5529", "CVE-2017-5533", "CVE-2017-5645", "CVE-2017-5715", "CVE-2017-7407", "CVE-2017-7525", "CVE-2017-7805", "CVE-2017-9798", "CVE-2018-0732", "CVE-2018-0733", "CVE-2018-0737", "CVE-2018-0739", "CVE-2018-1000120", "CVE-2018-1000121", "CVE-2018-1000122", "CVE-2018-1000300", "CVE-2018-1000301", "CVE-2018-11039", "CVE-2018-11040", "CVE-2018-11307", "CVE-2018-11776", "CVE-2018-12022", "CVE-2018-12023", "CVE-2018-1257", "CVE-2018-1258", "CVE-2018-1270", "CVE-2018-1271", "CVE-2018-1272", "CVE-2018-1275", "CVE-2018-1304", "CVE-2018-1305", "CVE-2018-13785", "CVE-2018-14048", "CVE-2018-18223", "CVE-2018-18224", "CVE-2018-2887", "CVE-2018-2889", "CVE-2018-2902", "CVE-2018-2909", "CVE-2018-2911", "CVE-2018-2912", "CVE-2018-2913", "CVE-2018-2914", "CVE-2018-2922", "CVE-2018-2971", "CVE-2018-3011", "CVE-2018-3059", "CVE-2018-3115", "CVE-2018-3122", "CVE-2018-3126", "CVE-2018-3127", "CVE-2018-3128", "CVE-2018-3129", "CVE-2018-3130", "CVE-2018-3131", "CVE-2018-3132", "CVE-2018-3133", "CVE-2018-3134", "CVE-2018-3135", "CVE-2018-3136", "CVE-2018-3137", "CVE-2018-3138", "CVE-2018-3139", "CVE-2018-3140", "CVE-2018-3141", "CVE-2018-3142", "CVE-2018-3143", "CVE-2018-3144", "CVE-2018-3145", "CVE-2018-3146", "CVE-2018-3147", "CVE-2018-3148", "CVE-2018-3149", "CVE-2018-3150", "CVE-2018-3151", "CVE-2018-3152", "CVE-2018-3153", "CVE-2018-3154", "CVE-2018-3155", "CVE-2018-3156", "CVE-2018-3157", "CVE-2018-3158", "CVE-2018-3159", "CVE-2018-3160", "CVE-2018-3161", "CVE-2018-3162", "CVE-2018-3163", "CVE-2018-3164", "CVE-2018-3165", "CVE-2018-3166", "CVE-2018-3167", "CVE-2018-3168", "CVE-2018-3169", "CVE-2018-3170", "CVE-2018-3171", "CVE-2018-3172", "CVE-2018-3173", "CVE-2018-3174", "CVE-2018-3175", "CVE-2018-3176", "CVE-2018-3177", "CVE-2018-3178", "CVE-2018-3179", "CVE-2018-3180", "CVE-2018-3181", "CVE-2018-3182", "CVE-2018-3183", "CVE-2018-3184", "CVE-2018-3185", "CVE-2018-3186", "CVE-2018-3187", "CVE-2018-3188", "CVE-2018-3189", "CVE-2018-3190", "CVE-2018-3191", "CVE-2018-3192", "CVE-2018-3193", "CVE-2018-3194", "CVE-2018-3195", "CVE-2018-3196", "CVE-2018-3197", "CVE-2018-3198", "CVE-2018-3200", "CVE-2018-3201", "CVE-2018-3202", "CVE-2018-3203", "CVE-2018-3204", "CVE-2018-3205", "CVE-2018-3206", "CVE-2018-3207", "CVE-2018-3208", "CVE-2018-3209", "CVE-2018-3210", "CVE-2018-3211", "CVE-2018-3212", "CVE-2018-3213", "CVE-2018-3214", "CVE-2018-3215", "CVE-2018-3217", "CVE-2018-3218", "CVE-2018-3219", "CVE-2018-3220", "CVE-2018-3221", "CVE-2018-3222", "CVE-2018-3223", "CVE-2018-3224", "CVE-2018-3225", "CVE-2018-3226", "CVE-2018-3227", "CVE-2018-3228", "CVE-2018-3229", "CVE-2018-3230", "CVE-2018-3231", "CVE-2018-3232", "CVE-2018-3233", "CVE-2018-3234", "CVE-2018-3235", "CVE-2018-3236", "CVE-2018-3237", "CVE-2018-3238", "CVE-2018-3239", "CVE-2018-3241", "CVE-2018-3242", "CVE-2018-3243", "CVE-2018-3244", "CVE-2018-3245", "CVE-2018-3246", "CVE-2018-3247", "CVE-2018-3248", "CVE-2018-3249", "CVE-2018-3250", "CVE-2018-3251", "CVE-2018-3252", "CVE-2018-3253", "CVE-2018-3254", "CVE-2018-3255", "CVE-2018-3256", "CVE-2018-3257", "CVE-2018-3258", "CVE-2018-3259", "CVE-2018-3261", "CVE-2018-3262", "CVE-2018-3263", "CVE-2018-3264", "CVE-2018-3265", "CVE-2018-3266", "CVE-2018-3267", "CVE-2018-3268", "CVE-2018-3269", "CVE-2018-3270", "CVE-2018-3271", "CVE-2018-3272", "CVE-2018-3273", "CVE-2018-3274", "CVE-2018-3275", "CVE-2018-3276", "CVE-2018-3277", "CVE-2018-3278", "CVE-2018-3279", "CVE-2018-3280", "CVE-2018-3281", "CVE-2018-3282", "CVE-2018-3283", "CVE-2018-3284", "CVE-2018-3285", "CVE-2018-3286", "CVE-2018-3287", "CVE-2018-3288", "CVE-2018-3289", "CVE-2018-3290", "CVE-2018-3291", "CVE-2018-3292", "CVE-2018-3293", "CVE-2018-3294", "CVE-2018-3295", "CVE-2018-3296", "CVE-2018-3297", "CVE-2018-3298", "CVE-2018-3299", "CVE-2018-3301", "CVE-2018-3302", "CVE-2018-7489", "CVE-2018-8013", "CVE-2018-8014", "CVE-2018-8034", "CVE-2018-8037"], "description": "A Critical Patch Update is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security fixes. Please refer to:\n\n * [Critical Patch Updates, Security Alerts and Bulletins](<https://www.oracle.com/securityalerts>) for information about Oracle Security Advisories.\n\n**Oracle continues to periodically receive reports of attempts to maliciously exploit vulnerabilities for which Oracle has already released fixes. In some instances, it has been reported that attackers have been successful because targeted customers had failed to apply available Oracle patches. Oracle therefore strongly recommends that customers remain on actively-supported versions and apply Critical Patch Update fixes without delay.**\n\nThis Critical Patch Update contains 301 new security fixes across the product families listed below. Please note that an MOS note summarizing the content of this Critical Patch Update and other Oracle Software Security Assurance activities is located at [ October 2018 Critical Patch Update: Executive Summary and Analysis](<https://support.oracle.com/epmos/faces/DocumentDisplay?id=2456979.1>).\n", "modified": "2018-10-16T00:00:00", "published": "2018-12-18T00:00:00", "id": "ORACLE:CPUOCT2018", "href": "", "type": "oracle", "title": "Oracle Critical Patch Update - October 2018", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:21:14", "bulletinFamily": "software", "cvelist": ["CVE-2018-3170", "CVE-2018-3157", "CVE-2018-3138", "CVE-2018-3254", "CVE-2017-5533", "CVE-2018-3204", "CVE-2018-3141", "CVE-2017-7407", "CVE-2015-9251", "CVE-2016-8620", "CVE-2017-9798", "CVE-2016-8623", "CVE-2018-1000120", "CVE-2016-5244", "CVE-2018-0732", "CVE-2018-3183", "CVE-2015-0235", "CVE-2016-5420", "CVE-2018-3274", "CVE-2018-3271", "CVE-2018-1304", "CVE-2018-3297", "CVE-2018-3130", "CVE-2016-9840", "CVE-2018-3184", "CVE-2018-3227", "CVE-2018-3231", "CVE-2016-8615", "CVE-2016-8616", "CVE-2018-3188", "CVE-2018-3137", "CVE-2018-3174", "CVE-2018-3203", "CVE-2018-3154", "CVE-2016-5019", "CVE-2016-8619", "CVE-2015-3236", "CVE-2018-3189", "CVE-2018-1275", "CVE-2018-14048", "CVE-2018-3301", "CVE-2018-3294", "CVE-2018-3129", "CVE-2018-7489", "CVE-2018-3287", "CVE-2018-3180", "CVE-2018-3257", "CVE-2018-3280", "CVE-2018-3293", "CVE-2018-3247", "CVE-2018-3239", "CVE-2018-2911", "CVE-2018-3270", "CVE-2018-3249", "CVE-2018-3259", "CVE-2018-3167", "CVE-2018-3236", "CVE-2018-3292", "CVE-2017-3735", "CVE-2018-2912", "CVE-2018-3175", "CVE-2018-3250", "CVE-2014-0014", "CVE-2018-3299", "CVE-2018-1271", "CVE-2016-5080", "CVE-2018-3256", "CVE-2018-3136", "CVE-2018-3246", "CVE-2018-3152", "CVE-2016-8618", "CVE-2018-1000121", "CVE-2018-3285", "CVE-2018-3115", "CVE-2018-3263", "CVE-2018-11039", "CVE-2018-3282", "CVE-2018-3218", "CVE-2018-3150", "CVE-2018-3145", "CVE-2018-3132", "CVE-2018-3190", "CVE-2016-7141", "CVE-2018-3220", "CVE-2018-11307", "CVE-2018-3133", "CVE-2018-2889", "CVE-2018-3128", "CVE-2018-3214", "CVE-2018-3182", "CVE-2018-3211", "CVE-2018-3210", "CVE-2016-0729", "CVE-2018-3233", "CVE-2018-3209", "CVE-2018-3131", "CVE-2018-3302", "CVE-2016-0635", "CVE-2016-0755", "CVE-2016-2107", "CVE-2018-3267", "CVE-2018-3261", "CVE-2015-7501", "CVE-2018-3219", "CVE-2018-3291", "CVE-2018-3244", "CVE-2018-3265", "CVE-2018-3266", "CVE-2018-3193", "CVE-2018-3144", "CVE-2018-3206", "CVE-2018-3298", "CVE-2016-8617", "CVE-2016-9842", "CVE-2018-12022", "CVE-2018-3212", "CVE-2018-8014", "CVE-2016-1182", "CVE-2015-3153", "CVE-2018-1258", "CVE-2018-3234", "CVE-2018-3255", "CVE-2018-3226", "CVE-2018-1000122", "CVE-2018-3173", "CVE-2018-3215", "CVE-2018-3248", "CVE-2018-1305", "CVE-2018-3187", "CVE-2018-3276", "CVE-2018-3156", "CVE-2018-3241", "CVE-2018-3228", "CVE-2018-11776", "CVE-2018-3122", "CVE-2018-13785", "CVE-2018-3011", "CVE-2018-3139", "CVE-2017-7805", "CVE-2018-3223", "CVE-2018-3205", "CVE-2018-3230", "CVE-2018-1257", "CVE-2018-3213", "CVE-2017-5715", "CVE-2018-3161", "CVE-2018-3290", "CVE-2018-3201", "CVE-2018-1000300", "CVE-2018-3251", "CVE-2018-3225", "CVE-2018-2902", "CVE-2018-3163", "CVE-2015-3144", "CVE-2018-2887", "CVE-2014-0114", "CVE-2018-3179", "CVE-2018-3262", "CVE-2018-3237", "CVE-2018-0739", "CVE-2018-3222", "CVE-2018-3155", "CVE-2015-0252", "CVE-2018-3253", "CVE-2018-3126", "CVE-2018-8034", "CVE-2018-3127", "CVE-2018-3221", "CVE-2018-3059", "CVE-2015-3237", "CVE-2018-3279", "CVE-2018-3151", "CVE-2018-2909", "CVE-2018-3245", "CVE-2018-3252", "CVE-2018-3284", "CVE-2018-8013", "CVE-2018-3235", "CVE-2016-8622", "CVE-2018-3275", "CVE-2015-7990", "CVE-2018-3162", "CVE-2018-3197", "CVE-2018-1272", "CVE-2018-3278", "CVE-2018-3186", "CVE-2017-7525", "CVE-2018-3159", "CVE-2018-3171", "CVE-2018-3296", "CVE-2018-3194", "CVE-2018-3217", "CVE-2018-3273", "CVE-2018-3178", "CVE-2018-3147", "CVE-2018-3288", "CVE-2018-1270", "CVE-2014-7817", "CVE-2018-3191", "CVE-2018-18224", "CVE-2012-1007", "CVE-2018-3143", "CVE-2016-8624", "CVE-2018-0733", "CVE-2016-1181", "CVE-2018-3281", "CVE-2018-2971", "CVE-2016-3739", "CVE-2018-3146", "CVE-2016-9843", "CVE-2018-3277", "CVE-2018-3208", "CVE-2017-14735", "CVE-2015-3145", "CVE-2017-3738", "CVE-2018-3172", "CVE-2018-3164", "CVE-2018-3176", "CVE-2018-3169", "CVE-2018-3160", "CVE-2018-3149", "CVE-2014-3490", "CVE-2018-3185", "CVE-2018-3232", "CVE-2018-3264", "CVE-2018-8037", "CVE-2018-3258", "CVE-2017-5645", "CVE-2016-5421", "CVE-2016-9586", "CVE-2018-3272", "CVE-2018-3142", "CVE-2018-3295", "CVE-2018-2914", "CVE-2018-3192", "CVE-2018-3153", "CVE-2018-3283", "CVE-2017-5529", "CVE-2018-3269", "CVE-2016-9841", "CVE-2018-3196", "CVE-2016-4000", "CVE-2018-3289", "CVE-2018-3229", "CVE-2017-3736", "CVE-2018-3286", "CVE-2018-3177", "CVE-2018-3243", "CVE-2018-3242", "CVE-2018-3148", "CVE-2018-3181", "CVE-2018-18223", "CVE-2018-0737", "CVE-2018-3268", "CVE-2018-3200", "CVE-2016-5419", "CVE-2018-3195", "CVE-2017-15095", "CVE-2016-7167", "CVE-2018-11040", "CVE-2018-3198", "CVE-2018-3166", "CVE-2016-6814", "CVE-2018-3202", "CVE-2016-1000031", "CVE-2018-3158", "CVE-2018-1000301", "CVE-2018-3238", "CVE-2018-3134", "CVE-2018-12023", "CVE-2018-3224", "CVE-2018-3165", "CVE-2016-8621", "CVE-2018-3135", "CVE-2018-3168", "CVE-2015-6937", "CVE-2018-2922", "CVE-2018-3140", "CVE-2018-2913", "CVE-2018-3207"], "description": "A Critical Patch Update is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security fixes. Please refer to:\n\n \n\n * [Critical Patch Updates, Security Alerts and Bulletins](<https://www.oracle.com/securityalerts>) for information about Oracle Security Advisories.\n\n \n\n**Oracle continues to periodically receive reports of attempts to maliciously exploit vulnerabilities for which Oracle has already released fixes. In some instances, it has been reported that attackers have been successful because targeted customers had failed to apply available Oracle patches. Oracle therefore strongly recommends that customers remain on actively-supported versions and apply Critical Patch Update fixes without delay.**\n\nThis Critical Patch Update contains 301 new security fixes across the product families listed below. Please note that an MOS note summarizing the content of this Critical Patch Update and other Oracle Software Security Assurance activities is located at [ October 2018 Critical Patch Update: Executive Summary and Analysis](<https://support.oracle.com/rs?type=doc&id=2456979.1>).\n", "modified": "2018-10-16T00:00:00", "published": "2018-12-18T00:00:00", "id": "ORACLE:CPUOCT2018-4428296", "href": "", "type": "oracle", "title": "CPU Oct 2018", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}]}
