SOL16342 - GNU C Library (glibc) vulnerability CVE-2012-6656
2015-04-01T00:00:00
ID SOL16342 Type f5 Reporter f5 Modified 2015-07-23T00:00:00
Description
Recommended Action
If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version in the column, then no upgrade candidate currently exists.
F5 responds to vulnerabilities in accordance with the Severity values published in the previous table. The Severity values and other security vulnerability parameters are defined in SOL4602: Overview of the F5 security vulnerability response policy.
To mitigate this vulnerability, you should permit access to F5 products only over a secure network, and limit login access to trusted users. For additional information, refer to SOL13092 - Overview of securing access to the BIG-IP system.
Supplemental Information
SOL9970: Subscribing to email notifications regarding F5 products
SOL9957: Creating a custom RSS feed to view new and updated documents
{"reporter": "f5", "published": "2015-04-01T00:00:00", "cvelist": ["CVE-2012-6656"], "title": "SOL16342 - GNU C Library (glibc) vulnerability CVE-2012-6656", "objectVersion": "1.2", "type": "f5", "hash": "e55443509352c239161c964ae2881bfe31db66e30bf09934960bc8d74cf207ab", "href": "http://support.f5.com/kb/en-us/solutions/public/16000/300/sol16342.html", "bulletinFamily": "software", "hashmap": [{"hash": "7b0f380ed3c68aaa96f015a85b3a2587", "key": "affectedSoftware"}, {"hash": "f9fa10ba956cacf91d7878861139efb9", "key": "bulletinFamily"}, {"hash": "0713db1f323dd7c5a529abfd7e878d87", "key": "cvelist"}, {"hash": "84813b1457b92d6ba1174abffbb83a2f", "key": "cvss"}, {"hash": "1e06e6135397a66f5046e0a71847dbbc", "key": "description"}, {"hash": "7a8f211e1e5b0cf42a7d3a08bf33fef1", "key": "href"}, {"hash": "deece5435f9c0dfd7fd1bd176f25babe", "key": "modified"}, {"hash": "56765472680401499c79732468ba4340", "key": "objectVersion"}, {"hash": "2ac4306b0ff4c50b08a20bee66cda153", "key": "published"}, {"hash": "34e50986569cedaa6e6853b75f5cd328", "key": "references"}, {"hash": "74ce2e1a498f2fa27b5542040be774dc", "key": "reporter"}, {"hash": "09c1e29140bf7904e965108f331d2690", "key": "title"}, {"hash": "74ce2e1a498f2fa27b5542040be774dc", "key": "type"}, {"hash": "cfcd208495d565ef66e7dff9f98764da", "key": "viewCount"}], "history": [], "enchantments": {"vulnersScore": 5.0}, "modified": "2015-07-23T00:00:00", "viewCount": 0, "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "edition": 1, "affectedSoftware": [{"operator": "le", "name": "BIG-IP PSM", "version": "10.2.4"}, {"operator": "le", "name": "BIG-IP APM", "version": "10.2.4"}, {"operator": "le", "name": "BIG-IP LTM", "version": "10.2.4"}, {"operator": "le", "name": "BIG-IP ASM", "version": "10.2.4"}, {"operator": "le", "name": "BIG-IP WebAccelerator", "version": "10.2.4"}, {"operator": "le", "name": "BIG-IP Link Controller", "version": "10.2.4"}, {"operator": "le", "name": "BIG-IP WOM", "version": "10.2.4"}, {"operator": "le", "name": "BIG-IP GTM", "version": "10.2.4"}, {"operator": "le", "name": "ARX", "version": "6.4.0"}, {"operator": "le", "name": "BIG-IP Edge Gateway\n", "version": "10.2.4"}], "references": ["https://support.f5.com/kb/en-us/solutions/public/9000/900/sol9970.html", "https://support.f5.com/kb/en-us/solutions/public/9000/900/sol9957.html"], "id": "SOL16342", "lastseen": "2016-09-26T17:23:17", "description": "Recommended Action\n\nIf the previous table lists a version in the **Versions known to be not vulnerable** column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version in the column, then no upgrade candidate currently exists.\n\nF5 responds to vulnerabilities in accordance with the Severity values published in the previous table. The Severity values and other security vulnerability parameters are defined in SOL4602: Overview of the F5 security vulnerability response policy.\n\nTo mitigate this vulnerability, you should permit access to F5 products only over a secure network, and limit login access to trusted users. For additional information, refer to SOL13092 - Overview of securing access to the BIG-IP system.\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n"}
{"result": {"cve": [{"id": "CVE-2012-6656", "type": "cve", "title": "CVE-2012-6656", "description": "iconvdata/ibm930.c in GNU C Library (aka glibc) before 2.16 allows context-dependent attackers to cause a denial of service (out-of-bounds read) via a multibyte character value of \"0xffff\" to the iconv function when converting IBM930 encoded data to UTF-8.", "published": "2014-12-05T11:59:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-6656", "cvelist": ["CVE-2012-6656"], "lastseen": "2017-07-01T11:12:23"}], "nessus": [{"id": "F5_BIGIP_SOL16342.NASL", "type": "nessus", "title": "F5 Networks BIG-IP : GNU C Library (glibc) vulnerability (SOL16342)", "description": "iconvdata/ibm930.c in GNU C Library (aka glibc) before 2.16 allows context-dependent attackers to cause a denial of service (out-of-bounds read) via a multibyte character value of '0xffff' to the iconv function when converting IBM930 encoded data to UTF-8.\n(CVE-2012-6656)", "published": "2015-04-02T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=82513", "cvelist": ["CVE-2012-6656"], "lastseen": "2018-07-12T17:28:29"}, {"id": "MANDRIVA_MDVSA-2014-175.NASL", "type": "nessus", "title": "Mandriva Linux Security Advisory : glibc (MDVSA-2014:175)", "description": "Multiple vulnerabilities has been found and corrected in glibc :\n\nWhen converting IBM930 code with iconv(), if IBM930 code which includes invalid multibyte character 0xffff is specified, then iconv() segfaults (CVE-2012-6656).\n\nOff-by-one error in the __gconv_translit_find function in gconv_trans.c in GNU C Library (aka glibc) allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via vectors related to the CHARSET environment variable and gconv transliteration modules (CVE-2014-5119).\n\nCrashes were reported in the IBM code page decoding functions (IBM933, IBM935, IBM937, IBM939, IBM1364) (CVE-2014-6040).\n\nThe updated packages have been patched to correct these issues.", "published": "2014-09-12T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=77654", "cvelist": ["CVE-2014-5119", "CVE-2014-6040", "CVE-2012-6656"], "lastseen": "2017-10-29T13:33:26"}, {"id": "SUSE_11_GLIBC-150129.NASL", "type": "nessus", "title": "SuSE 11.3 Security Update : glibc (SAT Patch Number 10259)", "description": "glibc has been updated to fix security issues and bugs :\n\n - Fix crashes on invalid input in IBM gconv modules.\n (CVE-2014-6040 / CVE-2012-6656, bsc#894553, bsc#894556, GLIBC BZ #17325, GLIBC BZ #14134)\n\n - Avoid infinite loop in nss_dns getnetbyname.\n (CVE-2014-9402)\n\n - Don't touch user-controlled stdio locks in forked child.\n (bsc#864081, GLIBC BZ #12847)\n\n - Unlock mutex before going back to waiting for PI mutexes. (bsc#891843, GLIBC BZ #14417)\n\n - Implement x86 cpuid handling of leaf4 for cache information. (bsc#903288, GLIBC BZ #12587)\n\n - Fix infinite loop in check_pf. (bsc#909053, GLIBC BZ #12926)", "published": "2015-02-11T00:00:00", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=81295", "cvelist": ["CVE-2014-6040", "CVE-2014-9402", "CVE-2012-6656"], "lastseen": "2017-10-29T13:35:51"}, {"id": "DEBIAN_DLA-97.NASL", "type": "nessus", "title": "Debian DLA-97-1 : eglibc security update", "description": "CVE-2012-6656\n\nFix validation check when converting from ibm930 to utf. When converting IBM930 code with iconv(), if IBM930 code which includes invalid multibyte character '0xffff' is specified, then iconv() segfaults.\n\nCVE-2014-6040\n\nCrashes on invalid input in IBM gconv modules [BZ #17325] These changes are based on the fix for BZ #14134 in commit 6e230d11837f3ae7b375ea69d7905f0d18eb79e5.\n\nCVE-2014-7817\n\nThe function wordexp() fails to properly handle the WRDE_NOCMD flag when processing arithmetic inputs in the form of '$((... ``))' where '...' can be anything valid. The backticks in the arithmetic epxression are evaluated by in a shell even if WRDE_NOCMD forbade command substitution. This allows an attacker to attempt to pass dangerous commands via constructs of the above form, and bypass the WRDE_NOCMD flag. This patch fixes this by checking for WRDE_NOCMD in exec_comm(), the only place that can execute a shell. All other checks for WRDE_NOCMD are superfluous and removed.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2015-03-26T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=82242", "cvelist": ["CVE-2014-6040", "CVE-2014-7817", "CVE-2012-6656"], "lastseen": "2018-07-10T05:33:41"}, {"id": "SUSE_SU-2015-0167-1.NASL", "type": "nessus", "title": "SUSE SLES11 Security Update : glibc (SUSE-SU-2015:0167-1)", "description": "glibc has been updated to fix a security issue and two bugs :\n\nSecurity issue fixed :\n\n - Copy filename argument in posix_spawn_file_actions_addopen (CVE-2014-4043)\n\nBugs fixed :\n\n - don't touch user-controlled stdio locks in forked child (bsc#864081, GLIBC BZ #12847)\n\n - Fix infinite loop in check_pf (bsc#909053, GLIBC BZ #12926)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2015-05-20T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=83674", "cvelist": ["CVE-2014-4043", "CVE-2014-6040", "CVE-2012-6656"], "lastseen": "2017-10-29T13:46:14"}, {"id": "UBUNTU_USN-2432-1.NASL", "type": "nessus", "title": "Ubuntu 10.04 LTS / 12.04 LTS / 14.04 LTS / 14.10 : eglibc, glibc vulnerabilities (USN-2432-1)", "description": "Siddhesh Poyarekar discovered that the GNU C Library incorrectly handled certain multibyte characters when using the iconv function. An attacker could possibly use this issue to cause applications to crash, resulting in a denial of service. This issue only affected Ubuntu 10.04 LTS and Ubuntu 12.04 LTS. (CVE-2012-6656)\n\nAdhemerval Zanella Netto discovered that the GNU C Library incorrectly handled certain multibyte characters when using the iconv function. An attacker could possibly use this issue to cause applications to crash, resulting in a denial of service. (CVE-2014-6040)\n\nTim Waugh discovered that the GNU C Library incorrectly enforced the WRDE_NOCMD flag when handling the wordexp function. An attacker could possibly use this issue to execute arbitrary commands. (CVE-2014-7817).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2014-12-04T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=79718", "cvelist": ["CVE-2014-6040", "CVE-2014-7817", "CVE-2012-6656"], "lastseen": "2017-10-29T13:32:53"}, {"id": "SUSE_SU-2015-0164-1.NASL", "type": "nessus", "title": "SUSE SLES11 Security Update : glibc (SUSE-SU-2015:0164-1)", "description": "glibc has been updated to fix one security issue and several bugs :\n\nSecurity issue fixed :\n\n - Fix crashes on invalid input in IBM gconv modules (CVE-2014-6040, CVE-2012-6656)\n\n - Fixed a stack overflow during hosts parsing (CVE-2013-4357)\n\nBugs fixed :\n\n - don't touch user-controlled stdio locks in forked child (bsc#864081, GLIBC BZ #12847)\n\n - Fix infinite loop in check_pf (bsc#909053, GLIBC BZ #12926)\n\n - Add check for RTLD_DEEPBIND environment variable to disable deepbinding of NSS modules (bsc#888860)\n\n - Fix infinite loop in check_pf (bsc#909053, GLIBC BZ #12926)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2015-05-20T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=83673", "cvelist": ["CVE-2014-6040", "CVE-2013-4357", "CVE-2012-6656"], "lastseen": "2017-10-29T13:38:24"}, {"id": "SUSE_SU-2014-1129-1.NASL", "type": "nessus", "title": "SUSE SLES11 Security Update : glibc (SUSE-SU-2014:1129-1)", "description": "This glibc update fixes a critical privilege escalation problem and two additional issues :\n\n - bnc#892073: An off-by-one error leading to a heap-based buffer overflow was found in __gconv_translit_find(). An exploit that targets the problem is publicly available.\n (CVE-2014-5119)\n\n - bnc#836746: Avoid race between {, __de}allocate_stack and __reclaim_stacks during fork.\n\n - bnc#844309: Fixed various overflows, reading large /etc/hosts or long names. (CVE-2013-4357)\n\n - bnc#894553, bnc#894556: Fixed various crashes on invalid input in IBM gconv modules. (CVE-2014-6040, CVE-2012-6656)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2015-05-20T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=83639", "cvelist": ["CVE-2014-5119", "CVE-2014-6040", "CVE-2013-4357", "CVE-2012-6656"], "lastseen": "2017-10-29T13:33:42"}, {"id": "SUSE_SU-2015-0170-1.NASL", "type": "nessus", "title": "SUSE SLES10 Security Update : glibc (SUSE-SU-2015:0170-1)", "description": "glibc has been updated to fix security issues :\n\n - Fix crashes on invalid input in IBM gconv modules (CVE-2014-6040, CVE-2012-6656, bsc#894553, bsc#894556, GLIBC BZ #17325, GLIBC BZ #14134)\n\n - Fixed a stack overflow during hosts parsing (CVE-2013-4357)\n\n - Copy filename argument in posix_spawn_file_actions_addopen (CVE-2014-4043, bsc#882600, BZ #17048)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2015-05-20T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=83675", "cvelist": ["CVE-2014-4043", "CVE-2014-6040", "CVE-2013-4357", "CVE-2012-6656"], "lastseen": "2017-10-29T13:35:47"}, {"id": "DEBIAN_DSA-3142.NASL", "type": "nessus", "title": "Debian DSA-3142-1 : eglibc - security update", "description": "Several vulnerabilities have been fixed in eglibc, Debian's version of the GNU C library :\n\n - CVE-2015-0235 Qualys discovered that the gethostbyname and gethostbyname2 functions were subject to a buffer overflow if provided with a crafted IP address argument.\n This could be used by an attacker to execute arbitrary code in processes which called the affected functions.\n\n The original glibc bug was reported by Peter Klotz.\n\n - CVE-2014-7817 Tim Waugh of Red Hat discovered that the WRDE_NOCMD option of the wordexp function did not suppress command execution in all cases. This allows a context-dependent attacker to execute shell commands.\n\n - CVE-2012-6656 CVE-2014-6040 The charset conversion code for certain IBM multi-byte code pages could perform an out-of-bounds array access, causing the process to crash. In some scenarios, this allows a remote attacker to cause a persistent denial of service.", "published": "2015-01-28T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=81029", "cvelist": ["CVE-2015-0235", "CVE-2014-6040", "CVE-2014-7817", "CVE-2012-6656"], "lastseen": "2018-07-10T05:30:43"}], "debian": [{"id": "DLA-97", "type": "debian", "title": "eglibc -- LTS security update", "description": "* [CVE-2012-6656](<https://security-tracker.debian.org/tracker/CVE-2012-6656>)\n\nFix validation check when converting from ibm930 to utf. When converting IBM930 code with iconv(), if IBM930 code which includes invalid multibyte character 0xffff is specified, then iconv() segfaults.\n\n * [CVE-2014-6040](<https://security-tracker.debian.org/tracker/CVE-2014-6040>)\n\nCrashes on invalid input in IBM gconv modules [BZ #17325] These changes are based on the fix for BZ #14134 in commit 6e230d11837f3ae7b375ea69d7905f0d18eb79e5.\n\n * [CVE-2014-7817](<https://security-tracker.debian.org/tracker/CVE-2014-7817>)\n\nThe function wordexp() fails to properly handle the WRDE_NOCMD flag when processing arithmetic inputs in the form of \"$((... ``))\" where \"...\" can be anything valid. The backticks in the arithmetic epxression are evaluated by in a shell even if WRDE_NOCMD forbade command substitution. This allows an attacker to attempt to pass dangerous commands via constructs of the above form, and bypass the WRDE_NOCMD flag. This patch fixes this by checking for WRDE_NOCMD in exec_comm(), the only place that can execute a shell. All other checks for WRDE_NOCMD are superfluous and removed.\n\nFor Debian 6 Squeeze, these issues have been fixed in eglibc version 2.11.3-4+deb6u2", "published": "2014-11-29T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://www.debian.org/security/2014/dla-97", "cvelist": ["CVE-2014-6040", "CVE-2014-7817", "CVE-2012-6656"], "lastseen": "2018-07-04T01:37:12"}, {"id": "DSA-3142", "type": "debian", "title": "eglibc -- security update", "description": "Several vulnerabilities have been fixed in eglibc, Debian's version of the GNU C library:\n\n * [CVE-2015-0235](<https://security-tracker.debian.org/tracker/CVE-2015-0235>)\n\nQualys discovered that the gethostbyname and gethostbyname2 functions were subject to a buffer overflow if provided with a crafted IP address argument. This could be used by an attacker to execute arbitrary code in processes which called the affected functions.\n\nThe original glibc bug was reported by Peter Klotz.\n\n * [CVE-2014-7817](<https://security-tracker.debian.org/tracker/CVE-2014-7817>)\n\nTim Waugh of Red Hat discovered that the WRDE_NOCMD option of the wordexp function did not suppress command execution in all cases. This allows a context-dependent attacker to execute shell commands.\n\n * [CVE-2012-6656](<https://security-tracker.debian.org/tracker/CVE-2012-6656>) [CVE-2014-6040](<https://security-tracker.debian.org/tracker/CVE-2014-6040>)\n\nThe charset conversion code for certain IBM multi-byte code pages could perform an out-of-bounds array access, causing the process to crash. In some scenarios, this allows a remote attacker to cause a persistent denial of service.\n\nFor the stable distribution (wheezy), these problems have been fixed in version 2.13-38+deb7u7.\n\nFor the upcoming stable distribution (jessie) and the unstable distribution (sid), the [CVE-2015-0235](<https://security-tracker.debian.org/tracker/CVE-2015-0235>) issue has been fixed in version 2.18-1 of the glibc package.\n\nWe recommend that you upgrade your eglibc packages.", "published": "2015-01-27T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://www.debian.org/security/dsa-3142", "cvelist": ["CVE-2015-0235", "CVE-2014-6040", "CVE-2014-7817", "CVE-2012-6656"], "lastseen": "2016-09-02T18:24:07"}], "ubuntu": [{"id": "USN-2432-1", "type": "ubuntu", "title": "GNU C Library vulnerabilities", "description": "Siddhesh Poyarekar discovered that the GNU C Library incorrectly handled certain multibyte characters when using the iconv function. An attacker could possibly use this issue to cause applications to crash, resulting in a denial of service. This issue only affected Ubuntu 10.04 LTS and Ubuntu 12.04 LTS. (CVE-2012-6656)\n\nAdhemerval Zanella Netto discovered that the GNU C Library incorrectly handled certain multibyte characters when using the iconv function. An attacker could possibly use this issue to cause applications to crash, resulting in a denial of service. (CVE-2014-6040)\n\nTim Waugh discovered that the GNU C Library incorrectly enforced the WRDE_NOCMD flag when handling the wordexp function. An attacker could possibly use this issue to execute arbitrary commands. (CVE-2014-7817)", "published": "2014-12-03T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://usn.ubuntu.com/2432-1/", "cvelist": ["CVE-2014-6040", "CVE-2014-7817", "CVE-2012-6656"], "lastseen": "2018-03-29T18:19:20"}], "openvas": [{"id": "OPENVAS:1361412562310703142", "type": "openvas", "title": "Debian Security Advisory DSA 3142-1 (eglibc - security update)", "description": "Several vulnerabilities have been\nfixed in eglibc, Debian", "published": "2015-01-27T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703142", "cvelist": ["CVE-2015-0235", "CVE-2014-6040", "CVE-2014-7817", "CVE-2012-6656"], "lastseen": "2018-04-06T11:28:11"}, {"id": "OPENVAS:1361412562310851101", "type": "openvas", "title": "SuSE Update for glibc SUSE-SU-2014:1129-1 (glibc)", "description": "Check the version of glibc", "published": "2015-10-16T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851101", "cvelist": ["CVE-2014-5119", "CVE-2014-6040", "CVE-2013-4357", "CVE-2012-6656"], "lastseen": "2017-12-12T11:17:07"}, {"id": "OPENVAS:703142", "type": "openvas", "title": "Debian Security Advisory DSA 3142-1 (eglibc - security update)", "description": "Several vulnerabilities have been\nfixed in eglibc, Debian", "published": "2015-01-27T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=703142", "cvelist": ["CVE-2015-0235", "CVE-2014-6040", "CVE-2014-7817", "CVE-2012-6656"], "lastseen": "2017-07-24T12:53:28"}, {"id": "OPENVAS:1361412562310121358", "type": "openvas", "title": "Gentoo Linux Local Check: https://security.gentoo.org/glsa/201503-04", "description": "Gentoo Linux Local Security Checks https://security.gentoo.org/glsa/201503-04", "published": "2015-09-29T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310121358", "cvelist": ["CVE-2015-0235", "CVE-2013-0242", "CVE-2014-4043", "CVE-2012-3404", "CVE-2013-4788", "CVE-2012-3405", "CVE-2012-4412", "CVE-2012-4424", "CVE-2013-4332", "CVE-2012-3480", "CVE-2013-2207", "CVE-2013-1914", "CVE-2012-6656", "CVE-2013-4458", "CVE-2013-4237", "CVE-2012-3406"], "lastseen": "2018-04-09T11:28:59"}], "suse": [{"id": "SUSE-SU-2014:1129-1", "type": "suse", "title": "Security update for glibc (important)", "description": "This glibc update fixes a critical privilege escalation problem and two\n additional issues:\n\n * bnc#892073: An off-by-one error leading to a heap-based buffer\n overflow was found in __gconv_translit_find(). An exploit that\n targets the problem is publicly available. (CVE-2014-5119)\n * bnc#836746: Avoid race between {, __de}allocate_stack and\n __reclaim_stacks during fork.\n * bnc#844309: Fixed various overflows, reading large /etc/hosts or\n long names. (CVE-2013-4357)\n * bnc#894553, bnc#894556: Fixed various crashes on invalid input in\n IBM gconv modules. (CVE-2014-6040, CVE-2012-6656)\n\n Security Issues:\n\n * CVE-2012-6656\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6656\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6656</a>>\n * CVE-2013-4357\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4357\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4357</a>>\n * CVE-2014-5119\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5119\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5119</a>>\n * CVE-2014-6040\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6040\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6040</a>>\n\n", "published": "2014-09-15T19:06:41", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00020.html", "cvelist": ["CVE-2014-5119", "CVE-2014-6040", "CVE-2013-4357", "CVE-2012-6656"], "lastseen": "2016-09-04T12:14:55"}, {"id": "SUSE-SU-2014:1128-1", "type": "suse", "title": "Security update for glibc (important)", "description": "This glibc update fixes a critical privilege escalation problem and the\n following security and non-security issues:\n\n * bnc#892073: An off-by-one error leading to a heap-based buffer\n overflow was found in __gconv_translit_find(). An exploit that\n targets the problem is publicly available. (CVE-2014-5119)\n * bnc#882600: Copy filename argument in\n posix_spawn_file_actions_addopen. (CVE-2014-4043)\n * bnc#860501: Use O_LARGEFILE for utmp file.\n * bnc#842291: Fix typo in glibc-2.5-dlopen-lookup-race.diff.\n * bnc#839870: Fix integer overflows in malloc. (CVE-2013-4332)\n * bnc#834594: Fix readdir_r with long file names. (CVE-2013-4237)\n * bnc#824639: Drop lock before calling malloc_printerr.\n * bnc#801246: Fix buffer overrun in regexp matcher. (CVE-2013-0242)\n * bnc#779320: Fix buffer overflow in strcoll. (CVE-2012-4412)\n * bnc#894556 / bnc#894553: Fix crashes on invalid input in IBM gconv\n modules. (CVE-2014-6040, CVE-2012-6656, bnc#894553, bnc#894556,\n BZ#17325, BZ#14134)\n\n Security Issues:\n\n * CVE-2014-5119\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5119\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5119</a>>\n * CVE-2014-4043\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4043\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4043</a>>\n * CVE-2013-4332\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4332\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4332</a>>\n * CVE-2013-4237\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4237\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4237</a>>\n * CVE-2013-0242\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0242\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0242</a>>\n * CVE-2012-4412\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4412\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4412</a>>\n\n\n", "published": "2014-09-15T19:04:18", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00019.html", "cvelist": ["CVE-2013-0242", "CVE-2014-5119", "CVE-2014-4043", "CVE-2014-6040", "CVE-2012-4412", "CVE-2013-4332", "CVE-2012-6656", "CVE-2013-4237"], "lastseen": "2016-09-04T11:57:20"}], "gentoo": [{"id": "GLSA-201503-04", "type": "gentoo", "title": "GNU C Library: Multiple vulnerabilities", "description": "### Background\n\nThe GNU C library is the standard C library used by Gentoo Linux systems. \n\n### Description\n\nMultiple vulnerabilities have been discovered in the GNU C Library. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA local attacker may be able to execute arbitrary code or cause a Denial of Service condition,. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll glibc users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=sys-libs/glibc-2.19-r1\"", "published": "2015-03-08T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://security.gentoo.org/glsa/201503-04", "cvelist": ["CVE-2015-0235", "CVE-2013-0242", "CVE-2014-4043", "CVE-2012-3404", "CVE-2013-4788", "CVE-2012-3405", "CVE-2012-4412", "CVE-2012-4424", "CVE-2013-4332", "CVE-2012-3480", "CVE-2013-2207", "CVE-2013-1914", "CVE-2012-6656", "CVE-2013-4458", "CVE-2013-4237", "CVE-2012-3406"], "lastseen": "2016-09-06T19:46:22"}]}}
