EUVD-2015-2112

Malware in sbrugna...

Security Bulletin: Cloud Pak for Security uses packages that are vulnerable to multiple CVEs

Summary Cloud Pak for Security CP4S v1.8.1.0 and earlier uses packages that are vulnerable to several CVEs. These have been remediated in the latest product release. Please see below for CVE details and the Remediation section for upgrade instructions. Vulnerability Details CVEID:CVE-2015-8985...

Linux Distros Unpatched Vulnerability : CVE-2015-8984

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The fnmatch function in the GNU C Library aka glibc or libc6 before 2.22 might allow context-dependent attackers to cause a denial of service application crash...

CVE-2015-8984

creationtimestamp| type| source ---|---|--- 2023-06-26 20:06:40+00:00| seen| https://t.me/cibsecurity/65494...

Design/Logic Flaw

endpattern called from internalfnmatch in the GNU C Library aka glibc or libc6 before 2.22 might allow context-dependent attackers to cause a denial of service application crash, as demonstrated by use of the fnmatch library function with the ! pattern. NOTE: this is not the same as CVE-2015-8984...

K29241247: GNU C Library (glibc) vulnerability CVE-2015-8984

Security Advisory Description The fnmatch function in the GNU C Library aka glibc or libc6 before 2.22 might allow context-dependent attackers to cause a denial of service application crash via a malformed pattern, which triggers an out-of-bounds read. CVE-2015-8984 Impact An attacker with...

F5 Networks BIG-IP : GNU C Library (glibc) vulnerability (K29241247)

The fnmatch function in the GNU C Library aka glibc or libc6 before 2.22 might allow context-dependent attackers to cause a denial of service application crash via a malformed pattern, which triggers an out-of-bounds read. CVE-2015-8984 C Tenable Network Security, Inc. The descriptive text and...

USN-3239-2: GNU C Library Regression | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 Description USN-3239-1 fixed vulnerabilities in the GNU C Library. Unfortunately, the fix for CVE-2015-5180 introduced an internal ABI change within the resolver library. Original advisory details: It was discovered...

USN-3239-3: GNU C Library regression

USN-3239-1 fixed vulnerabilities in the GNU C Library. Unfortunately, the fix for CVE-2016-3706 introduced a regression that in some circumstances prevented IPv6 addresses from resolving. This update reverts the change in Ubuntu 12.04 LTS. We apologize for the error. Original advisory details: It...

Ubuntu 12.04 LTS : eglibc regression (USN-3239-3)

USN-3239-1 fixed vulnerabilities in the GNU C Library. Unfortunately, the fix for CVE-2016-3706 introduced a regression that in some circumstances prevented IPv6 addresses from resolving. This update reverts the change in Ubuntu 12.04 LTS. We apologize for the error. It was discovered that the GN...

Ubuntu 14.04 LTS / 16.04 LTS : GNU C Library Regression (USN-3239-2)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-3239-2 advisory. USN-3239-1 fixed vulnerabilities in the GNU C Library. Unfortunately, the fix for CVE-2015-5180 introduced an internal ABI change within the resolver...

Ubuntu: Security Advisory (USN-3239-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-3239-2: GNU C Library Regression

USN-3239-1 fixed vulnerabilities in the GNU C Library. Unfortunately, the fix for CVE-2015-5180 introduced an internal ABI change within the resolver library. This update reverts the change. We apologize for the inconvenience. Please note that long-running services that were restarted to compensa...

Ubuntu 14.04 LTS / 16.04 LTS : GNU C Library vulnerabilities (USN-3239-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3239-1 advisory. It was discovered that the GNU C Library incorrectly handled the strxfrm function. An attacker could use this issue to cause a denial of...

CVE-2015-8984

The fnmatch function in the GNU C Library aka glibc or libc6 before 2.22 might allow context-dependent attackers to cause a denial of service application crash via a malformed pattern, which triggers an out-of-bounds read...

CVE-2015-8984

CVE-2015-8984 affects IBM Cloud Pak for Security (CP4S). The CP4S remediation bulletin confirms CP4S versions 1.8.1.0, 1.8.0.0 and 1.7.2.0 contain the glibc fnmatch out-of-bounds read vulnerability described in the CVE (context-dependent denial-of-service via malformed pattern). The documented fi...

UBUNTU-CVE-2015-8984

The fnmatch function in the GNU C Library aka glibc or libc6 before 2.22 might allow context-dependent attackers to cause a denial of service application crash via a malformed pattern, which triggers an out-of-bounds read...