Linux Distros Unpatched Vulnerability : CVE-2017-9729

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In uClibc 0.9.33.2, there is stack exhaustion uncontrolled recursion in the checkdstlimitscalcpos1 function in misc/regex/regexec.c when processing a crafted...

Linux Distros Unpatched Vulnerability : CVE-2017-9728

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In uClibc 0.9.33.2, there is an out-of-bounds read in the getsubexp function in misc/regex/regexec.c when processing a crafted regular expression. CVE-2017-9728...

Linux Distros Unpatched Vulnerability : CVE-2022-29503

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A memory corruption vulnerability exists in the libpthread linuxthreads functionality of uClibC 0.9.33.2 and uClibC-ng 1.0.40. Thread allocation can lead to...

A memory corruption vulnerability exists in the libpthread linuxthreads functionality of uClibC 0.9.33.2 and uClibC-ng 1.0.40. Thread allocation can lead to memory corruption. An attacker can create threads to trigger this vulnerability.

...

DEBIAN-CVE-2022-29503

A memory corruption vulnerability exists in the libpthread linuxthreads functionality of uClibC 0.9.33.2 and uClibC-ng 1.0.40. Thread allocation can lead to memory corruption. An attacker can create threads to trigger this vulnerability...

PT-2022-4862 · Uclibc-Ng +3 · Uclibc-Ng +3

Name of the Vulnerable Software and Affected Versions: uClibC version 0.9.33.2 uClibC-ng version 1.0.40 Description: A memory corruption issue exists in the libpthread linuxthreads functionality. This can be triggered by thread allocation, leading to memory corruption. An attacker can exploit thi...

uClibc-ng uClibc 安全特征问题漏洞

uClibc-ng is an application. Small C library for Linux. uClibc is a small C standard library for embedded Linux systems. A security vulnerability exists in uClibc-ng version 1.0.40 and earlier, uClibc version 0.9.33.2 and earlier, which stems from the use of predictable DNS transaction IDs that c...

PT-2022-2474 · Uclibc +2 · Uclibc +2

Name of the Vulnerable Software and Affected Versions: uClibc-ng versions through 1.0.40 uClibc versions through 0.9.33.2 Description: The issue is related to the use of predictable DNS transaction IDs, which may lead to DNS cache poisoning. This is due to a reset of a value to 0x2. The...

Default configuration

Froxlor before 0.9.33.2 with the default configuration/setup might allow remote attackers to obtain the database password by reading /logs/sql-error.log...

DEBIAN-CVE-2017-9729

In uClibc 0.9.33.2, there is stack exhaustion uncontrolled recursion in the checkdstlimitscalcpos1 function in misc/regex/regexec.c when processing a crafted regular expression...

Out-of-bounds

In uClibc 0.9.33.2, there is an out-of-bounds read in the getsubexp function in misc/regex/regexec.c when processing a crafted regular expression...

FreeBSD : froxlor -- database password information leak (9ee72858-4159-11e5-93ad-002590263bf5)

[email protected] reports : An unauthenticated remote attacker is able to get the database password via webaccess due to wrong file permissions of the /logs/ folder in froxlor version 0.9.33.1 and earlier. The plain SQL password and username may be stored in the /logs/sql-error.log file...

froxlor -- database password information leak

[email protected] reports: An unauthenticated remote attacker is able to get the database password via webaccess due to wrong file permissions of the /logs/ folder in froxlor version 0.9.33.1 and earlier. The plain SQL password and username may be stored in the /logs/sql-error.log file...