MiracleLinux 4 : glibc-2.12-1.132.AXS4 (AXSA:2014-073:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2014-073:01 advisory. The glibc package contains standard libraries which are used by multiple programs on the system. In order to save disk space and memory, as well as t...

EUVD-2013-4332

Malware in sbrugna...

SUSE CVE-2013-4332

Multiple integer overflows in malloc/malloc.c in the GNU C Library aka glibc or libc6 2.18 and earlier allow context-dependent attackers to cause a denial of service heap corruption via a large value to the 1 pvalloc, 2 valloc, 3 posixmemalign, 4 memalign, or 5 alignedalloc functions...

Security Bulletin: Apache Tomcat vulnerabilities on IBM SAN Volume Controller and Storwize Family (CVE-2013-4286 CVE-2013-4332 CVE-2014-0075 CVE-2014-0099)

Summary Apache Tomcat DoS and unauthorized access vulnerabilities Vulnerability Details This bulletin relates to vulnerabilities in the Apache Tomcat component which is used to provide the product’s management GUI. The CLI interface is unaffected. CVEID:CVE-2013-4286 DESCRIPTION: Apache Tomcat is...

Security Bulletin: Vulnerability in glibc affects Integrated Management Module 2 (IMM2) (CVE-2013-4332)

Summary Vulnerability in glibc affects Integrated Management Module 2 IMM2. Vulnerability Details Summary Vulnerability in glibc affects Integrated Management Module 2 IMM2. Vulnerability Details: CVE-ID: CVE-2013-4332 Description: The GNU C Library glibc could allow a remote attacker to execute...

Security fix for the ALT Linux 6 package glibc version 6:2.11.3-alt8.M60P.3

6:2.11.3-alt8.M60P.3 built Dec. 23, 2015 Dmitry V. Levin in task 155253 Dec. 23, 2015 Dmitry V. Levin - Backported upstream fixes for sw15330/CVE-2013-1914, sw14699/CVE-2013-4237, sw1585567/CVE-2013-4332, sw14134/CVE-2012-6656, sw17325/CVE-2014-6040, sw14547/CVE-2012-4412,4424...

Oracle: Security Advisory (ELSA-2013-1605)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 165-1] eglibc security update

Package : eglibc Version : 2.11.3-4+deb6u5 CVE ID : CVE-2012-3405 CVE-2012-3406 CVE-2012-3480 CVE-2012-4412 CVE-2012-4424 CVE-2013-0242 CVE-2013-1914 CVE-2013-4237 CVE-2013-4332 CVE-2013-4357 CVE-2013-4458 CVE-2013-4788 CVE-2013-7423 CVE-2013-7424 CVE-2014-4043 CVE-2015-1472 CVE-2015-1473 Debian...

OracleVM 3.2 : glibc (OVMSA-2015-0023) (GHOST)

The remote OracleVM system is missing necessary patches to address critical security updates : - Switch to use malloc when the input line is too long Orabug 19951108 - Use a /sys/devices/system/cpu/online for SCNPROCESSORSONLN implementation Orabug 17642251 Joe Jin - Fix parsing of numeric hosts ...

CentOS 5 : glibc (CESA-2013:1411)

Updated glibc packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

Fedora Update for glibc FEDORA-2014-9830

Check the version of glibc SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.868418";...

VMSA-2014-0002 : VMware vSphere updates to third-party libraries

a. DDoS vulnerability in NTP third-party libraries The NTP daemon has a DDoS vulnerability in the handling of the 'monlist' command. An attacker may send a forged request to a vulnerable NTP server resulting in an amplified response to the intended target of the DDoS attack. Mitigation Mitigation...

Security fix for the ALT Linux 9 package glibc version 6:2.17-alt6

Jan. 11, 2014 Dmitry V. Levin 6:2.17-alt6 - Backported upstream fixes for sw bugs: 14547, 14699, 15003, 15014, 15073, 15122, 15160, 15234, 15330, 15465, 15736, 15754, 15759, 15855, 15856, 15857, 15917, 16038, 16072 including fixes for CVE-2012-4412, CVE-2012-4424, CVE-2013-4237, CVE-2013-4332,...

Medium: glibc

Issue Overview: Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in glibc's memory allocator functions pvalloc, valloc, and memalign. If an application used such a function, it could cause the application to crash or, potentially, execute arbitrary code with the...

Scientific Linux Security Update : glibc on SL6.x i386/x86_64 (20131121)

Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in glibc's memory allocator functions pvalloc, valloc, and memalign. If an application used such a function, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of t...

[ MDVSA-2013:284 ] glibc

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2013:284 http://www.mandriva.com/en/support/security/ Package : glibc Date : November 25, 2013 Affected: Enterprise Server 5.0 Problem Description: Multiple vulnerabilities was found and corrected in glibc: Integ...

Oracle Linux 6 : glibc (ELSA-2013-1605)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2013-1605 advisory. - Fix getaddrinfo stack overflow resulting in application crash CVE-2013-1914, 951213. - Fix multibyte character processing crash in regexp...

Mandriva Linux Security Advisory : glibc (MDVSA-2013:283)

Updated glibc packages fixes the following security issues : Integer overflow in string/strcolll.c in the GNU C Library aka glibc or libc6 2.17 and earlier allows context-dependent attackers to cause a denial of service crash or possibly execute arbitrary code via a long string, which triggers a...

RedHat Update for glibc RHSA-2013:1605-02

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-1991-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...