SOL16342 - GNU C Library (glibc) vulnerability CVE-2012-6656
2015-04-01T00:00:00
ID SOL16342 Type f5 Reporter f5 Modified 2015-07-23T00:00:00
Description
Recommended Action
If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version in the column, then no upgrade candidate currently exists.
F5 responds to vulnerabilities in accordance with the Severity values published in the previous table. The Severity values and other security vulnerability parameters are defined in SOL4602: Overview of the F5 security vulnerability response policy.
To mitigate this vulnerability, you should permit access to F5 products only over a secure network, and limit login access to trusted users. For additional information, refer to SOL13092 - Overview of securing access to the BIG-IP system.
Supplemental Information
SOL9970: Subscribing to email notifications regarding F5 products
SOL9957: Creating a custom RSS feed to view new and updated documents
{"reporter": "f5", "published": "2015-04-01T00:00:00", "cvelist": ["CVE-2012-6656"], "title": "SOL16342 - GNU C Library (glibc) vulnerability CVE-2012-6656", "objectVersion": "1.2", "type": "f5", "hash": "e55443509352c239161c964ae2881bfe31db66e30bf09934960bc8d74cf207ab", "href": "http://support.f5.com/kb/en-us/solutions/public/16000/300/sol16342.html", "bulletinFamily": "software", "hashmap": [{"hash": "7b0f380ed3c68aaa96f015a85b3a2587", "key": "affectedSoftware"}, {"hash": "f9fa10ba956cacf91d7878861139efb9", "key": "bulletinFamily"}, {"hash": "0713db1f323dd7c5a529abfd7e878d87", "key": "cvelist"}, {"hash": "84813b1457b92d6ba1174abffbb83a2f", "key": "cvss"}, {"hash": "1e06e6135397a66f5046e0a71847dbbc", "key": "description"}, {"hash": "7a8f211e1e5b0cf42a7d3a08bf33fef1", "key": "href"}, {"hash": "deece5435f9c0dfd7fd1bd176f25babe", "key": "modified"}, {"hash": "56765472680401499c79732468ba4340", "key": "objectVersion"}, {"hash": "2ac4306b0ff4c50b08a20bee66cda153", "key": "published"}, {"hash": "34e50986569cedaa6e6853b75f5cd328", "key": "references"}, {"hash": "74ce2e1a498f2fa27b5542040be774dc", "key": "reporter"}, {"hash": "09c1e29140bf7904e965108f331d2690", "key": "title"}, {"hash": "74ce2e1a498f2fa27b5542040be774dc", "key": "type"}, {"hash": "cfcd208495d565ef66e7dff9f98764da", "key": "viewCount"}], "history": [], "enchantments": {"score": {"vector": "NONE", "value": 5.0}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2012-6656"]}, {"type": "nessus", "idList": ["F5_BIGIP_SOL16342.NASL", "MANDRIVA_MDVSA-2014-175.NASL", "SUSE_11_GLIBC-150129.NASL", "DEBIAN_DLA-97.NASL", "SUSE_SU-2015-0167-1.NASL", "UBUNTU_USN-2432-1.NASL", "SUSE_SU-2015-0164-1.NASL", "SUSE_SU-2014-1129-1.NASL", "DEBIAN_DSA-3142.NASL", "SUSE_SU-2015-0170-1.NASL"]}, {"type": "debian", "idList": ["DEBIAN:DLA-97-1:B684D", "DEBIAN:DSA-3142-1:A3964"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:13947"]}, {"type": "ubuntu", "idList": ["USN-2432-1"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310703142", "OPENVAS:1361412562310851101", "OPENVAS:703142", "OPENVAS:1361412562310121358"]}, {"type": "suse", "idList": ["SUSE-SU-2014:1129-1", "SUSE-SU-2014:1128-1"]}, {"type": "gentoo", "idList": ["GLSA-201503-04"]}], "modified": "2016-09-26T17:23:17"}, "vulnersScore": 5.0}, "modified": "2015-07-23T00:00:00", "viewCount": 2, "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "edition": 1, "affectedSoftware": [{"operator": "le", "name": "BIG-IP PSM", "version": "10.2.4"}, {"operator": "le", "name": "BIG-IP APM", "version": "10.2.4"}, {"operator": "le", "name": "BIG-IP LTM", "version": "10.2.4"}, {"operator": "le", "name": "BIG-IP ASM", "version": "10.2.4"}, {"operator": "le", "name": "BIG-IP WebAccelerator", "version": "10.2.4"}, {"operator": "le", "name": "BIG-IP Link Controller", "version": "10.2.4"}, {"operator": "le", "name": "BIG-IP WOM", "version": "10.2.4"}, {"operator": "le", "name": "BIG-IP GTM", "version": "10.2.4"}, {"operator": "le", "name": "ARX", "version": "6.4.0"}, {"operator": "le", "name": "BIG-IP Edge Gateway\n", "version": "10.2.4"}], "references": ["https://support.f5.com/kb/en-us/solutions/public/9000/900/sol9970.html", "https://support.f5.com/kb/en-us/solutions/public/9000/900/sol9957.html"], "id": "SOL16342", "lastseen": "2016-09-26T17:23:17", "description": "Recommended Action\n\nIf the previous table lists a version in the **Versions known to be not vulnerable** column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version in the column, then no upgrade candidate currently exists.\n\nF5 responds to vulnerabilities in accordance with the Severity values published in the previous table. The Severity values and other security vulnerability parameters are defined in SOL4602: Overview of the F5 security vulnerability response policy.\n\nTo mitigate this vulnerability, you should permit access to F5 products only over a secure network, and limit login access to trusted users. For additional information, refer to SOL13092 - Overview of securing access to the BIG-IP system.\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n"}
{"cve": [{"lastseen": "2017-07-01T11:12:23", "bulletinFamily": "NVD", "description": "iconvdata/ibm930.c in GNU C Library (aka glibc) before 2.16 allows context-dependent attackers to cause a denial of service (out-of-bounds read) via a multibyte character value of \"0xffff\" to the iconv function when converting IBM930 encoded data to UTF-8.", "modified": "2017-06-30T21:29:03", "published": "2014-12-05T11:59:00", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-6656", "id": "CVE-2012-6656", "title": "CVE-2012-6656", "type": "cve", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "nessus": [{"lastseen": "2019-01-16T20:21:13", "bulletinFamily": "scanner", "description": "iconvdata/ibm930.c in GNU C Library (aka glibc) before 2.16 allows\ncontext-dependent attackers to cause a denial of service\n(out-of-bounds read) via a multibyte character value of '0xffff' to\nthe iconv function when converting IBM930 encoded data to UTF-8.\n(CVE-2012-6656)", "modified": "2019-01-04T00:00:00", "published": "2015-04-02T00:00:00", "id": "F5_BIGIP_SOL16342.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=82513", "title": "F5 Networks BIG-IP : GNU C Library (glibc) vulnerability (SOL16342)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution SOL16342.\n#\n# The text description of this plugin is (C) F5 Networks.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(82513);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2019/01/04 10:03:40\");\n\n script_cve_id(\"CVE-2012-6656\");\n script_bugtraq_id(69470, 69472);\n\n script_name(english:\"F5 Networks BIG-IP : GNU C Library (glibc) vulnerability (SOL16342)\");\n script_summary(english:\"Checks the BIG-IP version.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote device is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"iconvdata/ibm930.c in GNU C Library (aka glibc) before 2.16 allows\ncontext-dependent attackers to cause a denial of service\n(out-of-bounds read) via a multibyte character value of '0xffff' to\nthe iconv function when converting IBM930 encoded data to UTF-8.\n(CVE-2012-6656)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://support.f5.com/csp/article/K16342\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5\nSolution SOL16342.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_link_controller\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_wan_optimization_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_webaccelerator\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip_protocol_security_manager\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/04/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/04/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude(\"f5_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nversion = get_kb_item(\"Host/BIG-IP/version\");\nif ( ! version ) audit(AUDIT_OS_NOT, \"F5 Networks BIG-IP\");\nif ( isnull(get_kb_item(\"Host/BIG-IP/hotfix\")) ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/hotfix\");\nif ( ! get_kb_item(\"Host/BIG-IP/modules\") ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/modules\");\n\nsol = \"SOL16342\";\nvmatrix = make_array();\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\n# APM\nvmatrix[\"APM\"] = make_array();\nvmatrix[\"APM\"][\"affected\" ] = make_list(\"10.1.0-10.2.4\");\nvmatrix[\"APM\"][\"unaffected\"] = make_list(\"11.0.0-11.6.0\");\n\n# ASM\nvmatrix[\"ASM\"] = make_array();\nvmatrix[\"ASM\"][\"affected\" ] = make_list(\"10.0.0-10.2.4\");\nvmatrix[\"ASM\"][\"unaffected\"] = make_list(\"11.0.0-11.6.0\");\n\n# GTM\nvmatrix[\"GTM\"] = make_array();\nvmatrix[\"GTM\"][\"affected\" ] = make_list(\"10.0.0-10.2.4\");\nvmatrix[\"GTM\"][\"unaffected\"] = make_list(\"11.0.0-11.6.0\");\n\n# LC\nvmatrix[\"LC\"] = make_array();\nvmatrix[\"LC\"][\"affected\" ] = make_list(\"10.0.0-10.2.4\");\nvmatrix[\"LC\"][\"unaffected\"] = make_list(\"11.0.0-11.6.0\");\n\n# LTM\nvmatrix[\"LTM\"] = make_array();\nvmatrix[\"LTM\"][\"affected\" ] = make_list(\"10.1.0-10.2.4\");\nvmatrix[\"LTM\"][\"unaffected\"] = make_list(\"11.0.0-11.6.0\");\n\n# PSM\nvmatrix[\"PSM\"] = make_array();\nvmatrix[\"PSM\"][\"affected\" ] = make_list(\"10.0.0-10.2.4\");\nvmatrix[\"PSM\"][\"unaffected\"] = make_list(\"11.0.0-11.4.1\");\n\n# WAM\nvmatrix[\"WAM\"] = make_array();\nvmatrix[\"WAM\"][\"affected\" ] = make_list(\"10.0.0-10.2.4\");\nvmatrix[\"WAM\"][\"unaffected\"] = make_list(\"11.0.0-11.3.0\");\n\n# WOM\nvmatrix[\"WOM\"] = make_array();\nvmatrix[\"WOM\"][\"affected\" ] = make_list(\"10.0.0-10.2.4\");\nvmatrix[\"WOM\"][\"unaffected\"] = make_list(\"11.0.0-11.3.0\");\n\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n if (report_verbosity > 0) security_warning(port:0, extra:bigip_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = bigip_get_tested_modules();\n audit_extra = \"For BIG-IP module(s) \" + tested + \",\";\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, \"running any of the affected modules\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-01-16T20:19:41", "bulletinFamily": "scanner", "description": "Multiple vulnerabilities has been found and corrected in glibc :\n\nWhen converting IBM930 code with iconv(), if IBM930 code which\nincludes invalid multibyte character 0xffff is specified, then iconv()\nsegfaults (CVE-2012-6656).\n\nOff-by-one error in the __gconv_translit_find function in\ngconv_trans.c in GNU C Library (aka glibc) allows context-dependent\nattackers to cause a denial of service (crash) or execute arbitrary\ncode via vectors related to the CHARSET environment variable and gconv\ntransliteration modules (CVE-2014-5119).\n\nCrashes were reported in the IBM code page decoding functions (IBM933,\nIBM935, IBM937, IBM939, IBM1364) (CVE-2014-6040).\n\nThe updated packages have been patched to correct these issues.", "modified": "2019-01-02T00:00:00", "published": "2014-09-12T00:00:00", "id": "MANDRIVA_MDVSA-2014-175.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=77654", "title": "Mandriva Linux Security Advisory : glibc (MDVSA-2014:175)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2014:175. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(77654);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2019/01/02 16:37:54\");\n\n script_cve_id(\"CVE-2012-6656\", \"CVE-2014-5119\", \"CVE-2014-6040\");\n script_bugtraq_id(68983, 69470, 69472);\n script_xref(name:\"MDVSA\", value:\"2014:175\");\n\n script_name(english:\"Mandriva Linux Security Advisory : glibc (MDVSA-2014:175)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities has been found and corrected in glibc :\n\nWhen converting IBM930 code with iconv(), if IBM930 code which\nincludes invalid multibyte character 0xffff is specified, then iconv()\nsegfaults (CVE-2012-6656).\n\nOff-by-one error in the __gconv_translit_find function in\ngconv_trans.c in GNU C Library (aka glibc) allows context-dependent\nattackers to cause a denial of service (crash) or execute arbitrary\ncode via vectors related to the CHARSET environment variable and gconv\ntransliteration modules (CVE-2014-5119).\n\nCrashes were reported in the IBM code page decoding functions (IBM933,\nIBM935, IBM937, IBM939, IBM1364) (CVE-2014-6040).\n\nThe updated packages have been patched to correct these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://seclists.org/oss-sec/2014/q3/485\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1135841\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2014:1110\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://sourceware.org/bugzilla/show_bug.cgi?id=14134\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://sourceware.org/bugzilla/show_bug.cgi?id=17325\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:ND\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:glibc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:glibc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:glibc-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:glibc-doc-pdf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:glibc-i18ndata\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:glibc-profile\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:glibc-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:glibc-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nscd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/09/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/09/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"glibc-2.14.1-12.9.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"glibc-devel-2.14.1-12.9.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", reference:\"glibc-doc-2.14.1-12.9.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", reference:\"glibc-doc-pdf-2.14.1-12.9.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"glibc-i18ndata-2.14.1-12.9.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"glibc-profile-2.14.1-12.9.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"glibc-static-devel-2.14.1-12.9.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"glibc-utils-2.14.1-12.9.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"nscd-2.14.1-12.9.mbs1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-01-16T20:21:34", "bulletinFamily": "scanner", "description": "glibc has been updated to fix a security issue and two bugs :\n\nSecurity issue fixed :\n\n - Copy filename argument in\n posix_spawn_file_actions_addopen (CVE-2014-4043)\n\nBugs fixed :\n\n - don't touch user-controlled stdio locks in forked child\n (bsc#864081, GLIBC BZ #12847)\n\n - Fix infinite loop in check_pf (bsc#909053, GLIBC BZ\n #12926)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "modified": "2018-11-10T00:00:00", "published": "2015-05-20T00:00:00", "id": "SUSE_SU-2015-0167-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=83674", "title": "SUSE SLES11 Security Update : glibc (SUSE-SU-2015:0167-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2015:0167-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(83674);\n script_version(\"2.6\");\n script_cvs_date(\"Date: 2018/11/10 11:50:02\");\n\n script_cve_id(\"CVE-2012-6656\", \"CVE-2014-4043\", \"CVE-2014-6040\");\n script_bugtraq_id(68006, 69470, 69472);\n\n script_name(english:\"SUSE SLES11 Security Update : glibc (SUSE-SU-2015:0167-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"glibc has been updated to fix a security issue and two bugs :\n\nSecurity issue fixed :\n\n - Copy filename argument in\n posix_spawn_file_actions_addopen (CVE-2014-4043)\n\nBugs fixed :\n\n - don't touch user-controlled stdio locks in forked child\n (bsc#864081, GLIBC BZ #12847)\n\n - Fix infinite loop in check_pf (bsc#909053, GLIBC BZ\n #12926)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=864081\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=882600\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=909053\"\n );\n # https://download.suse.com/patch/finder/?keywords=880eb49b49e66cc28d6f1daf5ce1ccae\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?fa3fbe5e\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2012-6656/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-6040/\"\n );\n # https://www.suse.com/support/update/announcement/2015/suse-su-20150167-1.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c2d945b6\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server 11 SP2 LTSS :\n\nzypper in -t patch slessp2-glibc-10220\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:glibc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:glibc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:glibc-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:glibc-i18ndata\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:glibc-info\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:glibc-locale\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:glibc-profile\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nscd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/01/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/05/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = eregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^(SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES11\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! ereg(pattern:\"^(2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP2\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:\"2\", cpu:\"x86_64\", reference:\"glibc-32bit-2.11.3-17.45.57.6\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", cpu:\"x86_64\", reference:\"glibc-devel-32bit-2.11.3-17.45.57.6\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", cpu:\"x86_64\", reference:\"glibc-locale-32bit-2.11.3-17.45.57.6\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", cpu:\"x86_64\", reference:\"glibc-profile-32bit-2.11.3-17.45.57.6\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", cpu:\"s390x\", reference:\"glibc-32bit-2.11.3-17.45.57.6\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", cpu:\"s390x\", reference:\"glibc-devel-32bit-2.11.3-17.45.57.6\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", cpu:\"s390x\", reference:\"glibc-locale-32bit-2.11.3-17.45.57.6\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", cpu:\"s390x\", reference:\"glibc-profile-32bit-2.11.3-17.45.57.6\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"glibc-2.11.3-17.45.57.6\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"glibc-devel-2.11.3-17.45.57.6\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"glibc-html-2.11.3-17.45.57.6\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"glibc-i18ndata-2.11.3-17.45.57.6\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"glibc-info-2.11.3-17.45.57.6\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"glibc-locale-2.11.3-17.45.57.6\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"glibc-profile-2.11.3-17.45.57.6\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"nscd-2.11.3-17.45.57.6\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"glibc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-01-16T20:20:22", "bulletinFamily": "scanner", "description": "Siddhesh Poyarekar discovered that the GNU C Library incorrectly\nhandled certain multibyte characters when using the iconv function. An\nattacker could possibly use this issue to cause applications to crash,\nresulting in a denial of service. This issue only affected Ubuntu\n10.04 LTS and Ubuntu 12.04 LTS. (CVE-2012-6656)\n\nAdhemerval Zanella Netto discovered that the GNU C Library incorrectly\nhandled certain multibyte characters when using the iconv function. An\nattacker could possibly use this issue to cause applications to crash,\nresulting in a denial of service. (CVE-2014-6040)\n\nTim Waugh discovered that the GNU C Library incorrectly enforced the\nWRDE_NOCMD flag when handling the wordexp function. An attacker could\npossibly use this issue to execute arbitrary commands. (CVE-2014-7817).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "modified": "2018-12-01T00:00:00", "published": "2014-12-04T00:00:00", "id": "UBUNTU_USN-2432-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=79718", "title": "Ubuntu 10.04 LTS / 12.04 LTS / 14.04 LTS / 14.10 : eglibc, glibc vulnerabilities (USN-2432-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2432-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(79718);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2018/12/01 15:12:39\");\n\n script_cve_id(\"CVE-2012-6656\", \"CVE-2014-6040\", \"CVE-2014-7817\");\n script_bugtraq_id(69470, 69472, 71216);\n script_xref(name:\"USN\", value:\"2432-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS / 12.04 LTS / 14.04 LTS / 14.10 : eglibc, glibc vulnerabilities (USN-2432-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Siddhesh Poyarekar discovered that the GNU C Library incorrectly\nhandled certain multibyte characters when using the iconv function. An\nattacker could possibly use this issue to cause applications to crash,\nresulting in a denial of service. This issue only affected Ubuntu\n10.04 LTS and Ubuntu 12.04 LTS. (CVE-2012-6656)\n\nAdhemerval Zanella Netto discovered that the GNU C Library incorrectly\nhandled certain multibyte characters when using the iconv function. An\nattacker could possibly use this issue to cause applications to crash,\nresulting in a denial of service. (CVE-2014-6040)\n\nTim Waugh discovered that the GNU C Library incorrectly enforced the\nWRDE_NOCMD flag when handling the wordexp function. An attacker could\npossibly use this issue to execute arbitrary commands. (CVE-2014-7817).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2432-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected libc6 package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libc6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/12/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/12/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2014-2018 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(10\\.04|12\\.04|14\\.04|14\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04 / 12.04 / 14.04 / 14.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libc6\", pkgver:\"2.11.1-0ubuntu7.19\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"libc6\", pkgver:\"2.15-0ubuntu10.9\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"libc6\", pkgver:\"2.19-0ubuntu6.4\")) flag++;\nif (ubuntu_check(osver:\"14.10\", pkgname:\"libc6\", pkgver:\"2.19-10ubuntu2.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libc6\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-01-16T20:21:08", "bulletinFamily": "scanner", "description": "CVE-2012-6656\n\nFix validation check when converting from ibm930 to utf. When\nconverting IBM930 code with iconv(), if IBM930 code which includes\ninvalid multibyte character '0xffff' is specified, then iconv()\nsegfaults.\n\nCVE-2014-6040\n\nCrashes on invalid input in IBM gconv modules [BZ #17325] These\nchanges are based on the fix for BZ #14134 in commit\n6e230d11837f3ae7b375ea69d7905f0d18eb79e5.\n\nCVE-2014-7817\n\nThe function wordexp() fails to properly handle the WRDE_NOCMD flag\nwhen processing arithmetic inputs in the form of '$((... ``))' where\n'...' can be anything valid. The backticks in the arithmetic\nepxression are evaluated by in a shell even if WRDE_NOCMD forbade\ncommand substitution. This allows an attacker to attempt to pass\ndangerous commands via constructs of the above form, and bypass the\nWRDE_NOCMD flag. This patch fixes this by checking for WRDE_NOCMD in\nexec_comm(), the only place that can execute a shell. All other checks\nfor WRDE_NOCMD are superfluous and removed.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.", "modified": "2018-07-09T00:00:00", "published": "2015-03-26T00:00:00", "id": "DEBIAN_DLA-97.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=82242", "title": "Debian DLA-97-1 : eglibc security update", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-97-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(82242);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2018/07/09 14:30:25\");\n\n script_cve_id(\"CVE-2012-6656\", \"CVE-2014-6040\", \"CVE-2014-7817\");\n script_bugtraq_id(69470, 69472, 71216);\n\n script_name(english:\"Debian DLA-97-1 : eglibc security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"CVE-2012-6656\n\nFix validation check when converting from ibm930 to utf. When\nconverting IBM930 code with iconv(), if IBM930 code which includes\ninvalid multibyte character '0xffff' is specified, then iconv()\nsegfaults.\n\nCVE-2014-6040\n\nCrashes on invalid input in IBM gconv modules [BZ #17325] These\nchanges are based on the fix for BZ #14134 in commit\n6e230d11837f3ae7b375ea69d7905f0d18eb79e5.\n\nCVE-2014-7817\n\nThe function wordexp() fails to properly handle the WRDE_NOCMD flag\nwhen processing arithmetic inputs in the form of '$((... ``))' where\n'...' can be anything valid. The backticks in the arithmetic\nepxression are evaluated by in a shell even if WRDE_NOCMD forbade\ncommand substitution. This allows an attacker to attempt to pass\ndangerous commands via constructs of the above form, and bypass the\nWRDE_NOCMD flag. This patch fixes this by checking for WRDE_NOCMD in\nexec_comm(), the only place that can execute a shell. All other checks\nfor WRDE_NOCMD are superfluous and removed.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2014/11/msg00015.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze-lts/eglibc\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:eglibc-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:glibc-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libc-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libc-dev-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libc6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libc6-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libc6-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libc6-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libc6-dev-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libc6-dev-i386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libc6-i386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libc6-i686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libc6-pic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libc6-prof\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libc6-udeb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libc6-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libnss-dns-udeb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libnss-files-udeb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:locales\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:locales-all\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nscd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/11/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/03/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"eglibc-source\", reference:\"2.11.3-4+deb6u2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"glibc-doc\", reference:\"2.11.3-4+deb6u2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libc-bin\", reference:\"2.11.3-4+deb6u2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libc-dev-bin\", reference:\"2.11.3-4+deb6u2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libc6\", reference:\"2.11.3-4+deb6u2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libc6-amd64\", reference:\"2.11.3-4+deb6u2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libc6-dbg\", reference:\"2.11.3-4+deb6u2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libc6-dev\", reference:\"2.11.3-4+deb6u2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libc6-dev-amd64\", reference:\"2.11.3-4+deb6u2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libc6-dev-i386\", reference:\"2.11.3-4+deb6u2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libc6-i386\", reference:\"2.11.3-4+deb6u2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libc6-i686\", reference:\"2.11.3-4+deb6u2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libc6-pic\", reference:\"2.11.3-4+deb6u2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libc6-prof\", reference:\"2.11.3-4+deb6u2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libc6-udeb\", reference:\"2.11.3-4+deb6u2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libc6-xen\", reference:\"2.11.3-4+deb6u2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libnss-dns-udeb\", reference:\"2.11.3-4+deb6u2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libnss-files-udeb\", reference:\"2.11.3-4+deb6u2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"locales\", reference:\"2.11.3-4+deb6u2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"locales-all\", reference:\"2.11.3-4+deb6u2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"nscd\", reference:\"2.11.3-4+deb6u2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-01-16T20:20:50", "bulletinFamily": "scanner", "description": "glibc has been updated to fix security issues and bugs :\n\n - Fix crashes on invalid input in IBM gconv modules.\n (CVE-2014-6040 / CVE-2012-6656, bsc#894553, bsc#894556,\n GLIBC BZ #17325, GLIBC BZ #14134)\n\n - Avoid infinite loop in nss_dns getnetbyname.\n (CVE-2014-9402)\n\n - Don't touch user-controlled stdio locks in forked child.\n (bsc#864081, GLIBC BZ #12847)\n\n - Unlock mutex before going back to waiting for PI\n mutexes. (bsc#891843, GLIBC BZ #14417)\n\n - Implement x86 cpuid handling of leaf4 for cache\n information. (bsc#903288, GLIBC BZ #12587)\n\n - Fix infinite loop in check_pf. (bsc#909053, GLIBC BZ\n #12926)", "modified": "2016-02-28T00:00:00", "published": "2015-02-11T00:00:00", "id": "SUSE_11_GLIBC-150129.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=81295", "title": "SuSE 11.3 Security Update : glibc (SAT Patch Number 10259)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(81295);\n script_version(\"$Revision: 1.6 $\");\n script_cvs_date(\"$Date: 2016/02/28 05:39:56 $\");\n\n script_cve_id(\"CVE-2012-6656\", \"CVE-2014-6040\", \"CVE-2014-9402\");\n\n script_name(english:\"SuSE 11.3 Security Update : glibc (SAT Patch Number 10259)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"glibc has been updated to fix security issues and bugs :\n\n - Fix crashes on invalid input in IBM gconv modules.\n (CVE-2014-6040 / CVE-2012-6656, bsc#894553, bsc#894556,\n GLIBC BZ #17325, GLIBC BZ #14134)\n\n - Avoid infinite loop in nss_dns getnetbyname.\n (CVE-2014-9402)\n\n - Don't touch user-controlled stdio locks in forked child.\n (bsc#864081, GLIBC BZ #12847)\n\n - Unlock mutex before going back to waiting for PI\n mutexes. (bsc#891843, GLIBC BZ #14417)\n\n - Implement x86 cpuid handling of leaf4 for cache\n information. (bsc#903288, GLIBC BZ #12587)\n\n - Fix infinite loop in check_pf. (bsc#909053, GLIBC BZ\n #12926)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=864081\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=891843\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=894553\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=894556\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=903288\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=909053\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-6656.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-6040.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-9402.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 10259.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:glibc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:glibc-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:glibc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:glibc-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:glibc-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:glibc-i18ndata\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:glibc-info\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:glibc-locale\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:glibc-locale-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:glibc-profile\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:glibc-profile-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:nscd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/01/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/02/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2016 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 3) audit(AUDIT_OS_NOT, \"SuSE 11.3\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"glibc-2.11.3-17.80.3\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"glibc-devel-2.11.3-17.80.3\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"glibc-i18ndata-2.11.3-17.80.3\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"glibc-locale-2.11.3-17.80.3\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"nscd-2.11.3-17.80.3\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i686\", reference:\"glibc-2.11.3-17.80.3\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i686\", reference:\"glibc-devel-2.11.3-17.80.3\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"glibc-2.11.3-17.80.3\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"glibc-32bit-2.11.3-17.80.3\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"glibc-devel-2.11.3-17.80.3\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"glibc-devel-32bit-2.11.3-17.80.3\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"glibc-i18ndata-2.11.3-17.80.3\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"glibc-locale-2.11.3-17.80.3\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"glibc-locale-32bit-2.11.3-17.80.3\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"nscd-2.11.3-17.80.3\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"glibc-2.11.3-17.80.3\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"glibc-devel-2.11.3-17.80.3\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"glibc-html-2.11.3-17.80.3\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"glibc-i18ndata-2.11.3-17.80.3\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"glibc-info-2.11.3-17.80.3\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"glibc-locale-2.11.3-17.80.3\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"glibc-profile-2.11.3-17.80.3\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"nscd-2.11.3-17.80.3\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"s390x\", reference:\"glibc-32bit-2.11.3-17.80.3\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"s390x\", reference:\"glibc-devel-32bit-2.11.3-17.80.3\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"s390x\", reference:\"glibc-locale-32bit-2.11.3-17.80.3\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"s390x\", reference:\"glibc-profile-32bit-2.11.3-17.80.3\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"x86_64\", reference:\"glibc-32bit-2.11.3-17.80.3\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"x86_64\", reference:\"glibc-devel-32bit-2.11.3-17.80.3\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"x86_64\", reference:\"glibc-locale-32bit-2.11.3-17.80.3\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"x86_64\", reference:\"glibc-profile-32bit-2.11.3-17.80.3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-01-16T20:21:34", "bulletinFamily": "scanner", "description": "glibc has been updated to fix one security issue and several bugs :\n\nSecurity issue fixed :\n\n - Fix crashes on invalid input in IBM gconv modules\n (CVE-2014-6040, CVE-2012-6656)\n\n - Fixed a stack overflow during hosts parsing\n (CVE-2013-4357)\n\nBugs fixed :\n\n - don't touch user-controlled stdio locks in forked child\n (bsc#864081, GLIBC BZ #12847)\n\n - Fix infinite loop in check_pf (bsc#909053, GLIBC BZ\n #12926)\n\n - Add check for RTLD_DEEPBIND environment variable to\n disable deepbinding of NSS modules (bsc#888860)\n\n - Fix infinite loop in check_pf (bsc#909053, GLIBC BZ\n #12926)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "modified": "2018-11-10T00:00:00", "published": "2015-05-20T00:00:00", "id": "SUSE_SU-2015-0164-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=83673", "title": "SUSE SLES11 Security Update : glibc (SUSE-SU-2015:0164-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2015:0164-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(83673);\n script_version(\"2.5\");\n script_cvs_date(\"Date: 2018/11/10 11:50:02\");\n\n script_cve_id(\"CVE-2012-6656\", \"CVE-2013-4357\", \"CVE-2014-6040\");\n script_bugtraq_id(67992, 69470, 69472);\n\n script_name(english:\"SUSE SLES11 Security Update : glibc (SUSE-SU-2015:0164-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"glibc has been updated to fix one security issue and several bugs :\n\nSecurity issue fixed :\n\n - Fix crashes on invalid input in IBM gconv modules\n (CVE-2014-6040, CVE-2012-6656)\n\n - Fixed a stack overflow during hosts parsing\n (CVE-2013-4357)\n\nBugs fixed :\n\n - don't touch user-controlled stdio locks in forked child\n (bsc#864081, GLIBC BZ #12847)\n\n - Fix infinite loop in check_pf (bsc#909053, GLIBC BZ\n #12926)\n\n - Add check for RTLD_DEEPBIND environment variable to\n disable deepbinding of NSS modules (bsc#888860)\n\n - Fix infinite loop in check_pf (bsc#909053, GLIBC BZ\n #12926)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=844309\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=888860\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=894553\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=894556\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=909053\"\n );\n # https://download.suse.com/patch/finder/?keywords=0d01346ebb9d9e39d1c632f49a85a7ee\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2d6d44bc\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2012-6656/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2013-4357/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-6040/\"\n );\n # https://www.suse.com/support/update/announcement/2015/suse-su-20150164-1.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f66ba9d9\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server 11 SP1 LTSS :\n\nzypper in -t patch slessp1-glibc-10217\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:glibc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:glibc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:glibc-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:glibc-i18ndata\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:glibc-info\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:glibc-locale\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:glibc-profile\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nscd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/01/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/05/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = eregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^(SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES11\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! ereg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:\"1\", cpu:\"x86_64\", reference:\"glibc-32bit-2.11.1-0.62.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"1\", cpu:\"x86_64\", reference:\"glibc-devel-32bit-2.11.1-0.62.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"1\", cpu:\"x86_64\", reference:\"glibc-locale-32bit-2.11.1-0.62.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"1\", cpu:\"x86_64\", reference:\"glibc-profile-32bit-2.11.1-0.62.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"1\", cpu:\"s390x\", reference:\"glibc-32bit-2.11.1-0.62.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"1\", cpu:\"s390x\", reference:\"glibc-devel-32bit-2.11.1-0.62.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"1\", cpu:\"s390x\", reference:\"glibc-locale-32bit-2.11.1-0.62.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"1\", cpu:\"s390x\", reference:\"glibc-profile-32bit-2.11.1-0.62.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"1\", reference:\"glibc-2.11.1-0.62.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"1\", reference:\"glibc-devel-2.11.1-0.62.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"1\", reference:\"glibc-html-2.11.1-0.62.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"1\", reference:\"glibc-i18ndata-2.11.1-0.62.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"1\", reference:\"glibc-info-2.11.1-0.62.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"1\", reference:\"glibc-locale-2.11.1-0.62.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"1\", reference:\"glibc-profile-2.11.1-0.62.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"1\", reference:\"nscd-2.11.1-0.62.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"glibc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-01-16T20:21:33", "bulletinFamily": "scanner", "description": "This glibc update fixes a critical privilege escalation problem and\ntwo additional issues :\n\n - bnc#892073: An off-by-one error leading to a heap-based\n buffer overflow was found in __gconv_translit_find(). An\n exploit that targets the problem is publicly available.\n (CVE-2014-5119)\n\n - bnc#836746: Avoid race between {, __de}allocate_stack\n and __reclaim_stacks during fork.\n\n - bnc#844309: Fixed various overflows, reading large\n /etc/hosts or long names. (CVE-2013-4357)\n\n - bnc#894553, bnc#894556: Fixed various crashes on invalid\n input in IBM gconv modules. (CVE-2014-6040,\n CVE-2012-6656)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "modified": "2018-11-29T00:00:00", "published": "2015-05-20T00:00:00", "id": "SUSE_SU-2014-1129-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=83639", "title": "SUSE SLES11 Security Update : glibc (SUSE-SU-2014:1129-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2014:1129-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(83639);\n script_version(\"2.8\");\n script_cvs_date(\"Date: 2018/11/29 12:03:38\");\n\n script_cve_id(\"CVE-2012-6656\", \"CVE-2013-4357\", \"CVE-2014-5119\", \"CVE-2014-6040\");\n script_bugtraq_id(67992, 68983, 69470, 69472, 69738);\n\n script_name(english:\"SUSE SLES11 Security Update : glibc (SUSE-SU-2014:1129-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This glibc update fixes a critical privilege escalation problem and\ntwo additional issues :\n\n - bnc#892073: An off-by-one error leading to a heap-based\n buffer overflow was found in __gconv_translit_find(). An\n exploit that targets the problem is publicly available.\n (CVE-2014-5119)\n\n - bnc#836746: Avoid race between {, __de}allocate_stack\n and __reclaim_stacks during fork.\n\n - bnc#844309: Fixed various overflows, reading large\n /etc/hosts or long names. (CVE-2013-4357)\n\n - bnc#894553, bnc#894556: Fixed various crashes on invalid\n input in IBM gconv modules. (CVE-2014-6040,\n CVE-2012-6656)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=836746\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=844309\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=892073\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=894553\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=894556\"\n );\n # https://download.suse.com/patch/finder/?keywords=cd8403453563e9d5a949d2219d62a993\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?12c9123b\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2012-6656/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2013-4357/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-5119/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-6040/\"\n );\n # https://www.suse.com/support/update/announcement/2014/suse-su-20141129-1.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ab20b15d\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server 11 SP2 LTSS :\n\nzypper in -t patch slessp2-glibc-9721\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:glibc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:glibc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:glibc-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:glibc-i18ndata\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:glibc-info\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:glibc-locale\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:glibc-profile\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nscd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/09/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/05/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = eregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^(SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES11\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! ereg(pattern:\"^(2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP2\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:\"2\", cpu:\"x86_64\", reference:\"glibc-32bit-2.11.3-17.45.53.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", cpu:\"x86_64\", reference:\"glibc-devel-32bit-2.11.3-17.45.53.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", cpu:\"x86_64\", reference:\"glibc-locale-32bit-2.11.3-17.45.53.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", cpu:\"x86_64\", reference:\"glibc-profile-32bit-2.11.3-17.45.53.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", cpu:\"s390x\", reference:\"glibc-32bit-2.11.3-17.45.53.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", cpu:\"s390x\", reference:\"glibc-devel-32bit-2.11.3-17.45.53.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", cpu:\"s390x\", reference:\"glibc-locale-32bit-2.11.3-17.45.53.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", cpu:\"s390x\", reference:\"glibc-profile-32bit-2.11.3-17.45.53.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"glibc-2.11.3-17.45.53.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"glibc-devel-2.11.3-17.45.53.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"glibc-html-2.11.3-17.45.53.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"glibc-i18ndata-2.11.3-17.45.53.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"glibc-info-2.11.3-17.45.53.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"glibc-locale-2.11.3-17.45.53.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"glibc-profile-2.11.3-17.45.53.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"nscd-2.11.3-17.45.53.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"glibc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-01-16T20:20:46", "bulletinFamily": "scanner", "description": "Several vulnerabilities have been fixed in eglibc, Debian's version of\nthe GNU C library :\n\n - CVE-2015-0235\n Qualys discovered that the gethostbyname and\n gethostbyname2 functions were subject to a buffer\n overflow if provided with a crafted IP address argument.\n This could be used by an attacker to execute arbitrary\n code in processes which called the affected functions.\n\n The original glibc bug was reported by Peter Klotz.\n\n - CVE-2014-7817\n Tim Waugh of Red Hat discovered that the WRDE_NOCMD\n option of the wordexp function did not suppress command\n execution in all cases. This allows a context-dependent\n attacker to execute shell commands.\n\n - CVE-2012-6656 CVE-2014-6040\n The charset conversion code for certain IBM multi-byte\n code pages could perform an out-of-bounds array access,\n causing the process to crash. In some scenarios, this\n allows a remote attacker to cause a persistent denial of\n service.", "modified": "2018-07-09T00:00:00", "published": "2015-01-28T00:00:00", "id": "DEBIAN_DSA-3142.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=81029", "title": "Debian DSA-3142-1 : eglibc - security update", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3142. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(81029);\n script_version(\"1.17\");\n script_cvs_date(\"Date: 2018/07/09 14:30:26\");\n\n script_cve_id(\"CVE-2012-6656\", \"CVE-2014-6040\", \"CVE-2014-7817\", \"CVE-2015-0235\");\n script_bugtraq_id(69472, 71216, 72325);\n script_xref(name:\"CERT\", value:\"967332\");\n script_xref(name:\"DSA\", value:\"3142\");\n\n script_name(english:\"Debian DSA-3142-1 : eglibc - security update\");\n script_summary(english:\"Checks dpkg output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been fixed in eglibc, Debian's version of\nthe GNU C library :\n\n - CVE-2015-0235\n Qualys discovered that the gethostbyname and\n gethostbyname2 functions were subject to a buffer\n overflow if provided with a crafted IP address argument.\n This could be used by an attacker to execute arbitrary\n code in processes which called the affected functions.\n\n The original glibc bug was reported by Peter Klotz.\n\n - CVE-2014-7817\n Tim Waugh of Red Hat discovered that the WRDE_NOCMD\n option of the wordexp function did not suppress command\n execution in all cases. This allows a context-dependent\n attacker to execute shell commands.\n\n - CVE-2012-6656 CVE-2014-6040\n The charset conversion code for certain IBM multi-byte\n code pages could perform an out-of-bounds array access,\n causing the process to crash. In some scenarios, this\n allows a remote attacker to cause a persistent denial of\n service.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2015-0235\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-7817\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2012-6656\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-6040\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2015-0235\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2015/dsa-3142\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the eglibc packages.\n\nFor the stable distribution (wheezy), these problems have been fixed\nin version 2.13-38+deb7u7.\n\nFor the upcoming stable distribution (jessie) and the unstable\ndistribution (sid), the CVE-2015-0235 issue has been fixed in version\n2.18-1 of the glibc package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Exim GHOST (glibc gethostbyname) Buffer Overflow');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:eglibc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/01/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"eglibc\", reference:\"2.13-38+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libc-bin\", reference:\"2.13-38+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libc-dev-bin\", reference:\"2.13-38+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libc0.1\", reference:\"2.13-38+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libc0.1-dev\", reference:\"2.13-38+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libc0.1-dev-i386\", reference:\"2.13-38+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libc0.1-i386\", reference:\"2.13-38+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libc0.1-i686\", reference:\"2.13-38+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libc0.1-pic\", reference:\"2.13-38+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libc0.1-prof\", reference:\"2.13-38+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libc6\", reference:\"2.13-38+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libc6-amd64\", reference:\"2.13-38+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libc6-dev\", reference:\"2.13-38+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libc6-dev-amd64\", reference:\"2.13-38+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libc6-dev-i386\", reference:\"2.13-38+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libc6-dev-mips64\", reference:\"2.13-38+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libc6-dev-mipsn32\", reference:\"2.13-38+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libc6-dev-ppc64\", reference:\"2.13-38+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libc6-dev-s390\", reference:\"2.13-38+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libc6-dev-s390x\", reference:\"2.13-38+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libc6-dev-sparc64\", reference:\"2.13-38+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libc6-i386\", reference:\"2.13-38+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libc6-i686\", reference:\"2.13-38+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libc6-loongson2f\", reference:\"2.13-38+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libc6-mips64\", reference:\"2.13-38+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libc6-mipsn32\", reference:\"2.13-38+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libc6-pic\", reference:\"2.13-38+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libc6-ppc64\", reference:\"2.13-38+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libc6-prof\", reference:\"2.13-38+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libc6-s390\", reference:\"2.13-38+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libc6-s390x\", reference:\"2.13-38+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libc6-sparc64\", reference:\"2.13-38+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libc6-xen\", reference:\"2.13-38+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libc6.1\", reference:\"2.13-38+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libc6.1-dev\", reference:\"2.13-38+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libc6.1-pic\", reference:\"2.13-38+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libc6.1-prof\", reference:\"2.13-38+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"locales\", reference:\"2.13-38+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"locales-all\", reference:\"2.13-38+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"multiarch-support\", reference:\"2.13-38+deb7u7\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"nscd\", reference:\"2.13-38+deb7u7\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-01-16T20:21:34", "bulletinFamily": "scanner", "description": "glibc has been updated to fix security issues :\n\n - Fix crashes on invalid input in IBM gconv modules\n (CVE-2014-6040, CVE-2012-6656, bsc#894553, bsc#894556,\n GLIBC BZ #17325, GLIBC BZ #14134)\n\n - Fixed a stack overflow during hosts parsing\n (CVE-2013-4357)\n\n - Copy filename argument in\n posix_spawn_file_actions_addopen (CVE-2014-4043,\n bsc#882600, BZ #17048)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "modified": "2018-11-10T00:00:00", "published": "2015-05-20T00:00:00", "id": "SUSE_SU-2015-0170-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=83675", "title": "SUSE SLES10 Security Update : glibc (SUSE-SU-2015:0170-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2015:0170-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(83675);\n script_version(\"2.7\");\n script_cvs_date(\"Date: 2018/11/10 11:50:02\");\n\n script_cve_id(\"CVE-2012-6656\", \"CVE-2013-4357\", \"CVE-2014-4043\", \"CVE-2014-6040\");\n script_bugtraq_id(67992, 68006, 69470, 69472);\n\n script_name(english:\"SUSE SLES10 Security Update : glibc (SUSE-SU-2015:0170-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"glibc has been updated to fix security issues :\n\n - Fix crashes on invalid input in IBM gconv modules\n (CVE-2014-6040, CVE-2012-6656, bsc#894553, bsc#894556,\n GLIBC BZ #17325, GLIBC BZ #14134)\n\n - Fixed a stack overflow during hosts parsing\n (CVE-2013-4357)\n\n - Copy filename argument in\n posix_spawn_file_actions_addopen (CVE-2014-4043,\n bsc#882600, BZ #17048)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=844309\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=882600\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=894553\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=894556\"\n );\n # https://download.suse.com/patch/finder/?keywords=1ccbe69cba5cc8835258525263c85657\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?18c9278a\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2012-6656/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2013-4357/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-6040/\"\n );\n # https://www.suse.com/support/update/announcement/2015/suse-su-20150170-1.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?dcd4c243\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected glibc packages\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:glibc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:glibc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:glibc-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:glibc-i18ndata\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:glibc-info\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:glibc-locale\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:glibc-profile\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nscd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/01/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/05/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = eregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^(SLES10)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES10\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES10\" && (! ereg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES10 SP4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"x86_64\", reference:\"glibc-32bit-2.4-31.115.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"x86_64\", reference:\"glibc-devel-32bit-2.4-31.115.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"x86_64\", reference:\"glibc-locale-32bit-2.4-31.115.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"x86_64\", reference:\"glibc-profile-32bit-2.4-31.115.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"s390x\", reference:\"glibc-32bit-2.4-31.115.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"s390x\", reference:\"glibc-devel-32bit-2.4-31.115.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"s390x\", reference:\"glibc-locale-32bit-2.4-31.115.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"s390x\", reference:\"glibc-profile-32bit-2.4-31.115.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", reference:\"glibc-2.4-31.115.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", reference:\"glibc-devel-2.4-31.115.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", reference:\"glibc-html-2.4-31.115.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", reference:\"glibc-i18ndata-2.4-31.115.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", reference:\"glibc-info-2.4-31.115.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", reference:\"glibc-locale-2.4-31.115.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", reference:\"glibc-profile-2.4-31.115.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", reference:\"nscd-2.4-31.115.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"glibc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "debian": [{"lastseen": "2018-10-16T22:14:40", "bulletinFamily": "unix", "description": "Package : eglibc\nVersion : 2.11.3-4+deb6u2\nCVE ID : CVE-2012-6656 CVE-2014-6040 CVE-2014-7817\n\nCVE-2012-6656\n\n Fix validation check when converting from ibm930 to utf.\n When converting IBM930 code with iconv(), if IBM930 code which\n includes invalid multibyte character "0xffff" is specified, then\n iconv() segfaults.\n\nCVE-2014-6040\n\n Crashes on invalid input in IBM gconv modules [BZ #17325]\n These changes are based on the fix for BZ #14134 in commit\n 6e230d11837f3ae7b375ea69d7905f0d18eb79e5.\n\nCVE-2014-7817\n\n The function wordexp() fails to properly handle the WRDE_NOCMD\n flag when processing arithmetic inputs in the form of "$((... ``))"\n where "..." can be anything valid. The backticks in the arithmetic\n epxression are evaluated by in a shell even if WRDE_NOCMD forbade\n command substitution. This allows an attacker to attempt to pass\n dangerous commands via constructs of the above form, and bypass\n the WRDE_NOCMD flag. This patch fixes this by checking for WRDE_NOCMD\n in exec_comm(), the only place that can execute a shell. All other\n checks for WRDE_NOCMD are superfluous and removed.\n\n", "modified": "2014-11-29T19:00:34", "published": "2014-11-29T19:00:34", "id": "DEBIAN:DLA-97-1:B684D", "href": "https://lists.debian.org/debian-lts-announce/2014/debian-lts-announce-201411/msg00015.html", "title": "[SECURITY] [DLA 97-1] eglibc security update", "type": "debian", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-10-18T13:49:49", "bulletinFamily": "unix", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3142-1 security@debian.org\nhttp://www.debian.org/security/ Florian Weimer\nJanuary 27, 2015 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : eglibc\nCVE ID : CVE-2012-6656 CVE-2014-6040 CVE-2014-7817 CVE-2015-0235\n\nSeveral vulnerabilities have been fixed in eglibc, Debian's version of\nthe GNU C library:\n\nCVE-2015-0235\n\n Qualys discovered that the gethostbyname and gethostbyname2\n functions were subject to a buffer overflow if provided with a\n crafted IP address argument. This could be used by an attacker to\n execute arbitrary code in processes which called the affected\n functions.\n\n The original glibc bug was reported by Peter Klotz.\n\nCVE-2014-7817\n\n Tim Waugh of Red Hat discovered that the WRDE_NOCMD option of the\n wordexp function did not suppress command execution in all cases.\n This allows a context-dependent attacker to execute shell\n commands.\n\nCVE-2012-6656\nCVE-2014-6040\n\n The charset conversion code for certain IBM multi-byte code pages\n could perform an out-of-bounds array access, causing the process\n to crash. In some scenarios, this allows a remote attacker to\n cause a persistent denial of service.\n\nFor the stable distribution (wheezy), these problems have been fixed in\nversion 2.13-38+deb7u7.\n\nFor the upcoming stable distribution (jessie) and the unstable\ndistribution (sid), the CVE-2015-0235 issue has been fixed in version\n2.18-1 of the glibc package.\n\nWe recommend that you upgrade your eglibc packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "modified": "2015-01-27T15:39:21", "published": "2015-01-27T15:39:21", "id": "DEBIAN:DSA-3142-1:A3964", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2015/msg00025.html", "title": "[SECURITY] [DSA 3142-1] eglibc security update", "type": "debian", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:56", "bulletinFamily": "software", "description": "Off-by-one in __gconv_translit_find().", "modified": "2014-09-01T00:00:00", "published": "2014-09-01T00:00:00", "id": "SECURITYVULNS:VULN:13947", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:13947", "title": "GNU glibc buffer overflow", "type": "securityvulns", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "ubuntu": [{"lastseen": "2018-08-31T00:08:52", "bulletinFamily": "unix", "description": "Siddhesh Poyarekar discovered that the GNU C Library incorrectly handled certain multibyte characters when using the iconv function. An attacker could possibly use this issue to cause applications to crash, resulting in a denial of service. This issue only affected Ubuntu 10.04 LTS and Ubuntu 12.04 LTS. (CVE-2012-6656)\n\nAdhemerval Zanella Netto discovered that the GNU C Library incorrectly handled certain multibyte characters when using the iconv function. An attacker could possibly use this issue to cause applications to crash, resulting in a denial of service. (CVE-2014-6040)\n\nTim Waugh discovered that the GNU C Library incorrectly enforced the WRDE_NOCMD flag when handling the wordexp function. An attacker could possibly use this issue to execute arbitrary commands. (CVE-2014-7817)", "modified": "2014-12-03T00:00:00", "published": "2014-12-03T00:00:00", "id": "USN-2432-1", "href": "https://usn.ubuntu.com/2432-1/", "title": "GNU C Library vulnerabilities", "type": "ubuntu", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "suse": [{"lastseen": "2016-09-04T12:14:55", "bulletinFamily": "unix", "description": "This glibc update fixes a critical privilege escalation problem and two\n additional issues:\n\n * bnc#892073: An off-by-one error leading to a heap-based buffer\n overflow was found in __gconv_translit_find(). An exploit that\n targets the problem is publicly available. (CVE-2014-5119)\n * bnc#836746: Avoid race between {, __de}allocate_stack and\n __reclaim_stacks during fork.\n * bnc#844309: Fixed various overflows, reading large /etc/hosts or\n long names. (CVE-2013-4357)\n * bnc#894553, bnc#894556: Fixed various crashes on invalid input in\n IBM gconv modules. (CVE-2014-6040, CVE-2012-6656)\n\n Security Issues:\n\n * CVE-2012-6656\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6656\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6656</a>>\n * CVE-2013-4357\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4357\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4357</a>>\n * CVE-2014-5119\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5119\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5119</a>>\n * CVE-2014-6040\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6040\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6040</a>>\n\n", "modified": "2014-09-15T19:06:41", "published": "2014-09-15T19:06:41", "id": "SUSE-SU-2014:1129-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00020.html", "type": "suse", "title": "Security update for glibc (important)", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-04T11:57:20", "bulletinFamily": "unix", "description": "This glibc update fixes a critical privilege escalation problem and the\n following security and non-security issues:\n\n * bnc#892073: An off-by-one error leading to a heap-based buffer\n overflow was found in __gconv_translit_find(). An exploit that\n targets the problem is publicly available. (CVE-2014-5119)\n * bnc#882600: Copy filename argument in\n posix_spawn_file_actions_addopen. (CVE-2014-4043)\n * bnc#860501: Use O_LARGEFILE for utmp file.\n * bnc#842291: Fix typo in glibc-2.5-dlopen-lookup-race.diff.\n * bnc#839870: Fix integer overflows in malloc. (CVE-2013-4332)\n * bnc#834594: Fix readdir_r with long file names. (CVE-2013-4237)\n * bnc#824639: Drop lock before calling malloc_printerr.\n * bnc#801246: Fix buffer overrun in regexp matcher. (CVE-2013-0242)\n * bnc#779320: Fix buffer overflow in strcoll. (CVE-2012-4412)\n * bnc#894556 / bnc#894553: Fix crashes on invalid input in IBM gconv\n modules. (CVE-2014-6040, CVE-2012-6656, bnc#894553, bnc#894556,\n BZ#17325, BZ#14134)\n\n Security Issues:\n\n * CVE-2014-5119\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5119\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5119</a>>\n * CVE-2014-4043\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4043\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4043</a>>\n * CVE-2013-4332\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4332\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4332</a>>\n * CVE-2013-4237\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4237\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4237</a>>\n * CVE-2013-0242\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0242\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0242</a>>\n * CVE-2012-4412\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4412\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4412</a>>\n\n\n", "modified": "2014-09-15T19:04:18", "published": "2014-09-15T19:04:18", "id": "SUSE-SU-2014:1128-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00019.html", "title": "Security update for glibc (important)", "type": "suse", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "openvas": [{"lastseen": "2018-11-19T13:01:48", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2018-11-16T00:00:00", "published": "2015-10-16T00:00:00", "id": "OPENVAS:1361412562310851101", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851101", "title": "SuSE Update for glibc SUSE-SU-2014:1129-1 (glibc)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_suse_2014_1129_1.nasl 12381 2018-11-16 11:16:30Z cfischer $\n#\n# SuSE Update for glibc SUSE-SU-2014:1129-1 (glibc)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851101\");\n script_version(\"$Revision: 12381 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:16:30 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-10-16 20:03:09 +0200 (Fri, 16 Oct 2015)\");\n script_cve_id(\"CVE-2012-6656\", \"CVE-2013-4357\", \"CVE-2014-5119\", \"CVE-2014-6040\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"SuSE Update for glibc SUSE-SU-2014:1129-1 (glibc)\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'glibc'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"This glibc update fixes a critical privilege escalation problem and two\n additional issues:\n\n * bnc#892073: An off-by-one error leading to a heap-based buffer\n overflow was found in __gconv_translit_find(). An exploit that\n targets the problem is publicly available. (CVE-2014-5119)\n\n * bnc#836746: Avoid race between {, __de}allocate_stack and\n __reclaim_stacks during fork.\n\n * bnc#844309: Fixed various overflows, reading large /etc/hosts or\n long names. (CVE-2013-4357)\n\n * bnc#894553, bnc#894556: Fixed various crashes on invalid input in\n IBM gconv modules. (CVE-2014-6040, CVE-2012-6656)\");\n\n script_tag(name:\"affected\", value:\"glibc on SUSE Linux Enterprise Server 11 SP2 LTSS\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_xref(name:\"SUSE-SU\", value:\"2014:1129_1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=SLES11\\.0SP2\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\nres = \"\";\n\nif(release == \"SLES11.0SP2\")\n{\n\n if ((res = isrpmvuln(pkg:\"glibc\", rpm:\"glibc~2.11.3~17.45.53.1\", rls:\"SLES11.0SP2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-devel\", rpm:\"glibc-devel~2.11.3~17.45.53.1\", rls:\"SLES11.0SP2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-html\", rpm:\"glibc-html~2.11.3~17.45.53.1\", rls:\"SLES11.0SP2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-i18ndata\", rpm:\"glibc-i18ndata~2.11.3~17.45.53.1\", rls:\"SLES11.0SP2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-info\", rpm:\"glibc-info~2.11.3~17.45.53.1\", rls:\"SLES11.0SP2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-locale\", rpm:\"glibc-locale~2.11.3~17.45.53.1\", rls:\"SLES11.0SP2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-profile\", rpm:\"glibc-profile~2.11.3~17.45.53.1\", rls:\"SLES11.0SP2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nscd\", rpm:\"nscd~2.11.3~17.45.53.1\", rls:\"SLES11.0SP2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-32bit\", rpm:\"glibc-32bit~2.11.3~17.45.53.1\", rls:\"SLES11.0SP2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-devel-32bit\", rpm:\"glibc-devel-32bit~2.11.3~17.45.53.1\", rls:\"SLES11.0SP2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-locale-32bit\", rpm:\"glibc-locale-32bit~2.11.3~17.45.53.1\", rls:\"SLES11.0SP2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-profile-32bit\", rpm:\"glibc-profile-32bit~2.11.3~17.45.53.1\", rls:\"SLES11.0SP2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:52:17", "bulletinFamily": "scanner", "description": "Several vulnerabilities have been\nfixed in eglibc, Debian", "modified": "2018-04-06T00:00:00", "published": "2015-01-27T00:00:00", "id": "OPENVAS:1361412562310703142", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703142", "title": "Debian Security Advisory DSA 3142-1 (eglibc - security update)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3142.nasl 9355 2018-04-06 07:16:07Z cfischer $\n# Auto-generated from advisory DSA 3142-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703142\");\n script_version(\"$Revision: 9355 $\");\n script_cve_id(\"CVE-2012-6656\", \"CVE-2014-6040\", \"CVE-2014-7817\", \"CVE-2015-0235\");\n script_name(\"Debian Security Advisory DSA 3142-1 (eglibc - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2018-04-06 09:16:07 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name: \"creation_date\", value: \"2015-01-27 00:00:00 +0100 (Tue, 27 Jan 2015)\");\n script_tag(name: \"cvss_base\", value: \"10.0\");\n script_tag(name: \"cvss_base_vector\", value: \"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2015/dsa-3142.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"eglibc on Debian Linux\");\n script_tag(name: \"solution\", value: \"For the stable distribution (wheezy),\nthese problems have been fixed in version 2.13-38+deb7u7.\n\nFor the upcoming stable distribution (jessie) and the unstable\ndistribution (sid), the\nCVE-2015-0235\n\nissue has been fixed in version 2.18-1 of the glibc package.\n\nWe recommend that you upgrade your eglibc packages.\");\n script_tag(name: \"summary\", value: \"Several vulnerabilities have been\nfixed in eglibc, Debian's version of the GNU C library:\n\nCVE-2015-0235\nQualys discovered that the gethostbyname and gethostbyname2\nfunctions were subject to a buffer overflow if provided with a\ncrafted IP address argument. This could be used by an attacker to\nexecute arbitrary code in processes which called the affected\nfunctions.\n\nThe original glibc bug was reported by Peter Klotz.\n\nCVE-2014-7817\nTim Waugh of Red Hat discovered that the WRDE_NOCMD option of the\nwordexp function did not suppress command execution in all cases.\nThis allows a context-dependent attacker to execute shell\ncommands.\n\nCVE-2012-6656 CVE-2014-6040\nThe charset conversion code for certain IBM multi-byte code pages\ncould perform an out-of-bounds array access, causing the process\nto crash. In some scenarios, this allows a remote attacker to\ncause a persistent denial of service.\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software\nversion using the apt package manager.\");\n script_tag(name:\"qod_type\", value:\"package\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"eglibc-source\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"glibc-doc\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc-bin\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc-dev-bin\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc0.1\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc0.1-dbg\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc0.1-dev\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc0.1-dev-i386\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc0.1-i386\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc0.1-i686\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc0.1-pic\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc0.1-prof\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc0.1-udeb\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6-amd64\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6-dbg\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6-dev\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6-dev-amd64\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6-dev-i386\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6-dev-mips64\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6-dev-mipsn32\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6-dev-ppc64\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6-dev-s390\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6-dev-s390x\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6-dev-sparc64\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6-i386\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6-i686\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6-loongson2f\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6-mips64\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6-mipsn32\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6-pic\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6-ppc64\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6-prof\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6-s390\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6-s390x\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6-sparc64\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6-udeb\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6-xen\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6.1\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6.1-dbg\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6.1-dev\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6.1-pic\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6.1-prof\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6.1-udeb\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libnss-dns-udeb\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libnss-files-udeb\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"locales\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"locales-all\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"multiarch-support\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"nscd\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:53:28", "bulletinFamily": "scanner", "description": "Several vulnerabilities have been\nfixed in eglibc, Debian", "modified": "2017-07-07T00:00:00", "published": "2015-01-27T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=703142", "id": "OPENVAS:703142", "title": "Debian Security Advisory DSA 3142-1 (eglibc - security update)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3142.nasl 6609 2017-07-07 12:05:59Z cfischer $\n# Auto-generated from advisory DSA 3142-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703142);\n script_version(\"$Revision: 6609 $\");\n script_cve_id(\"CVE-2012-6656\", \"CVE-2014-6040\", \"CVE-2014-7817\", \"CVE-2015-0235\");\n script_name(\"Debian Security Advisory DSA 3142-1 (eglibc - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2017-07-07 14:05:59 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value: \"2015-01-27 00:00:00 +0100 (Tue, 27 Jan 2015)\");\n script_tag(name: \"cvss_base\", value: \"10.0\");\n script_tag(name: \"cvss_base_vector\", value: \"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2015/dsa-3142.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"eglibc on Debian Linux\");\n script_tag(name: \"solution\", value: \"For the stable distribution (wheezy),\nthese problems have been fixed in version 2.13-38+deb7u7.\n\nFor the upcoming stable distribution (jessie) and the unstable\ndistribution (sid), the\nCVE-2015-0235\n\nissue has been fixed in version 2.18-1 of the glibc package.\n\nWe recommend that you upgrade your eglibc packages.\");\n script_tag(name: \"summary\", value: \"Several vulnerabilities have been\nfixed in eglibc, Debian's version of the GNU C library:\n\nCVE-2015-0235\nQualys discovered that the gethostbyname and gethostbyname2\nfunctions were subject to a buffer overflow if provided with a\ncrafted IP address argument. This could be used by an attacker to\nexecute arbitrary code in processes which called the affected\nfunctions.\n\nThe original glibc bug was reported by Peter Klotz.\n\nCVE-2014-7817\nTim Waugh of Red Hat discovered that the WRDE_NOCMD option of the\nwordexp function did not suppress command execution in all cases.\nThis allows a context-dependent attacker to execute shell\ncommands.\n\nCVE-2012-6656 CVE-2014-6040\nThe charset conversion code for certain IBM multi-byte code pages\ncould perform an out-of-bounds array access, causing the process\nto crash. In some scenarios, this allows a remote attacker to\ncause a persistent denial of service.\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software\nversion using the apt package manager.\");\n script_tag(name:\"qod_type\", value:\"package\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"eglibc-source\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"glibc-doc\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc-bin\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc-dev-bin\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc0.1\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc0.1-dbg\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc0.1-dev\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc0.1-dev-i386\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc0.1-i386\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc0.1-i686\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc0.1-pic\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc0.1-prof\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc0.1-udeb\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6-amd64\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6-dbg\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6-dev\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6-dev-amd64\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6-dev-i386\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6-dev-mips64\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6-dev-mipsn32\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6-dev-ppc64\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6-dev-s390\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6-dev-s390x\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6-dev-sparc64\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6-i386\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6-i686\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6-loongson2f\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6-mips64\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6-mipsn32\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6-pic\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6-ppc64\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6-prof\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6-s390\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6-s390x\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6-sparc64\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6-udeb\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6-xen\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6.1\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6.1-dbg\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6.1-dev\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6.1-pic\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6.1-prof\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc6.1-udeb\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libnss-dns-udeb\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libnss-files-udeb\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"locales\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"locales-all\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"multiarch-support\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"nscd\", ver:\"2.13-38+deb7u7\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-10-29T12:39:00", "bulletinFamily": "scanner", "description": "Gentoo Linux Local Security Checks GLSA 201503-04", "modified": "2018-10-26T00:00:00", "published": "2015-09-29T00:00:00", "id": "OPENVAS:1361412562310121358", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310121358", "title": "Gentoo Security Advisory GLSA 201503-04", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa-201503-04.nasl 12128 2018-10-26 13:35:25Z cfischer $\n#\n# Gentoo Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.121358\");\n script_version(\"$Revision: 12128 $\");\n script_tag(name:\"creation_date\", value:\"2015-09-29 11:28:37 +0300 (Tue, 29 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-26 15:35:25 +0200 (Fri, 26 Oct 2018) $\");\n script_name(\"Gentoo Security Advisory GLSA 201503-04\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities have been discovered in the GNU C Library. Please review the CVE identifiers referenced below for details.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://security.gentoo.org/glsa/201503-04\");\n script_cve_id(\"CVE-2012-3404\", \"CVE-2012-3405\", \"CVE-2012-3406\", \"CVE-2012-3480\", \"CVE-2012-4412\", \"CVE-2012-4424\", \"CVE-2012-6656\", \"CVE-2013-0242\", \"CVE-2013-1914\", \"CVE-2013-2207\", \"CVE-2013-4237\", \"CVE-2013-4332\", \"CVE-2013-4458\", \"CVE-2013-4788\", \"CVE-2014-4043\", \"CVE-2015-0235\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Gentoo Linux Local Security Checks GLSA 201503-04\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Gentoo Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\n\nif((res=ispkgvuln(pkg:\"sys-libs/glibc\", unaffected: make_list(\"ge 2.19-r1\"), vulnerable: make_list(\"lt 2.19-r1\"))) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:22", "bulletinFamily": "unix", "description": "### Background\n\nThe GNU C library is the standard C library used by Gentoo Linux systems. \n\n### Description\n\nMultiple vulnerabilities have been discovered in the GNU C Library. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA local attacker may be able to execute arbitrary code or cause a Denial of Service condition,. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll glibc users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=sys-libs/glibc-2.19-r1\"", "modified": "2015-03-08T00:00:00", "published": "2015-03-08T00:00:00", "id": "GLSA-201503-04", "href": "https://security.gentoo.org/glsa/201503-04", "type": "gentoo", "title": "GNU C Library: Multiple vulnerabilities", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}