MiracleLinux 7 : glibc-2.17-105.el7 (AXSA:2015-569:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2015-569:01 advisory. The glibc package contains standard libraries which are used by multiple programs on the system. In order to save disk space and memory, as well as t...

CVE-2015-1473 affecting package dietlibc for versions less than 0.34-7

CVE-2015-1473 affecting package dietlibc for versions less than 0.34-7. A patched version of the package is available...

SUSE CVE-2015-1473

The ADDW macro in stdio-common/vfscanf.c in the GNU C Library aka glibc or libc6 before 2.21 does not properly consider data-type size during a risk-management decision for use of the alloca function, which might allow context-dependent attackers to cause a denial of service segmentation violatio...

Mageia: Security Advisory (MGASA-2015-0072)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Scientific Linux Security Update : glibc on SL7.x x86_64 (20151119)

It was discovered that, under certain circumstances, glibc's getaddrinfo function would send DNS queries to random file descriptors. An attacker could potentially use this flaw to send DNS queries to unintended recipients, resulting in information disclosure or data loss due to the application...

Amazon Linux: Security Advisory (ALAS-2015-617)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CentOS 7 : glibc (CESA-2015:2199)

Updated glibc packages that fix multiple security issues, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give...

RedHat Update for glibc RHSA-2015:2199-07

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Moderate: Red Hat Security Advisory: glibc security, bug fix, and enhancement update

Updated glibc packages that fix multiple security issues, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give...

CVE-2015-1473

The ADDW macro in stdio-common/vfscanf.c in the GNU C Library aka glibc or libc6 before 2.21 does not properly consider data-type size during a risk-management decision for use of the alloca function, which might allow context-dependent attackers to cause a denial of service segmentation violatio...

AZL-40934 CVE-2015-1473 affecting package dietlibc for versions less than 0.34-7

The ADDW macro in stdio-common/vfscanf.c in the GNU C Library aka glibc or libc6 before 2.21 does not properly consider data-type size during a risk-management decision for use of the alloca function, which might allow context-dependent attackers to cause a denial of service segmentation violatio...

BELL-CVE-2015-1473 CVE-2015-1473 does not affect BellSoft software

Bulletin has no description...

CVE-2015-1473

CVE-2015-1473 affects the GNU C Library (glibc) prior to version 2.21, arising from the ADDW macro in stdio-common/vfscanf.c not properly factoring data-type size when using alloca in a wscanf path. This can allow context-dependent attackers to cause a denial of service (segmentation fault) or ov...

CVE-2015-1473

The ADDW macro in stdio-common/vfscanf.c in the GNU C Library aka glibc or libc6 before 2.21 does not properly consider data-type size during a risk-management decision for use of the alloca function, which might allow context-dependent attackers to cause a denial of service segmentation violatio...

[SECURITY] [DSA 3169-1] eglibc security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ---------------------------------------------------------------------- Debian Security Advisory DSA-3169-1 [email protected] http://www.debian.org/security/ Aurelien Jarno February 23, 2015 http://www.debian.org/security/faq -...

[SECURITY] [DLA 165-1] eglibc security update

Package : eglibc Version : 2.11.3-4+deb6u5 CVE ID : CVE-2012-3405 CVE-2012-3406 CVE-2012-3480 CVE-2012-4412 CVE-2012-4424 CVE-2013-0242 CVE-2013-1914 CVE-2013-4237 CVE-2013-4332 CVE-2013-4357 CVE-2013-4458 CVE-2013-4788 CVE-2013-7423 CVE-2013-7424 CVE-2014-4043 CVE-2015-1472 CVE-2015-1473 Debian...

Ubuntu: Security Advisory (USN-2519-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DSA-3169-1 : eglibc - security update

Several vulnerabilities have been fixed in eglibc, Debian's version of the GNU C library : - CVE-2012-3406 The vfprintf function in stdio-common/vfprintf.c in GNU C Library aka glibc 2.5, 2.12, and probably other versions does not 'properly restrict the use of' the alloca function when allocating...

[SECURITY] [DSA 3169-1] eglibc security update

---------------------------------------------------------------------- Debian Security Advisory DSA-3169-1 [email protected] http://www.debian.org/security/ Aurelien Jarno February 23, 2015 http://www.debian.org/security/faq -...

Updated glibc packages fix security vulnerabilities

Under certain conditions wscanf can allocate too little memory for the to-be-scanned arguments and overflow the allocated buffer CVE-2015-1472. The incorrect use of "libcusealloca newsize" caused a different and weaker policy to be enforced which could allow a denial of service attack CVE-2015-14...