MiracleLinux 3 : glibc-2.5-118.3.0.1.AXS3 (AXSA:2014-522:01)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2014-522:01 advisory. Description: The glibc package contains standard libraries which are used by multiple programs on the system. In order to save disk space and memory,...

Linux Distros Unpatched Vulnerability : CVE-2014-5119

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Off-by-one error in the gconvtranslitfind function in gconvtrans.c in GNU C Library aka glibc allows context-dependent attackers to cause a denial of service...

Security Bulletin: Two (2) Vulnerabilities in glibc affect IBM FlashSystem (and TMS RAMSAN) 710, 720, 810, and 820 systems (CVE-2014-5119 and CVE-2014-0475)

Summary Vulnerabilities have been found in glibc packages, which contain standard C libraries used by multiple programs on the system. They affect the IBM FlashSystem and TMS RAMSAN 710, 720, 810, and 820 products. These vulnerabilities, if exploited, could allow execution of arbitrary code on th...

K15640: GNU C Library (glibc) vulnerabilities CVE-2014-0475, CVE-2014-5119, CVE-2013-4458

Security Advisory Description CVE-2014-0475 Multiple directory traversal vulnerabilities in GNU C Library aka glibc or libc6 before 2.20 allow context-dependent attackers to bypass ForceCommand restrictions and possibly have other unspecified impact via a .. dot dot in a 1 LC, 2 LANG, or other...

Slackware: Security Advisory (SSA:2014-296-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: IBM QRadar SIEM is affected by a GNU C Library (glibc) vulnerability (CVE-2014-5119)

Summary A security vulnerability have been discovered in GNU C Library glibc component bundled with IBM QRadar SIEM. Vulnerability Details CVE-ID: CVE-2014-5119 DESCRIPTION: The GNU C Library glibc is vulnerable to a heap-based buffer overflow, caused by an off-by-one error in the gconvtranslitfi...

SUSE: Security Advisory (SUSE-SU-2014:1125-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: IBM Netezza Host Management (CVE-2014-5119)

Summary Proof of Concept exploit code has been released on August 25th, which uses a flaw in glibc that can allow a local unprivileged user to gain root on Linux machines. Vulnerability Details CVEID: CVE-2014-5119 DESCRIPTION: Proof of Concept exploit code has been released on August 25th, which...

Security Bulletin: Vulnerabilities in GNU C Library affects IBM SmartCloud Provisioning for Software Virtual Appliance (CVE-2014-5119, CVE-2014-0475)

Summary Vulnerabilities have been identified in the GNU C Library glibc packages for the standard C and the standard math libraries on Linux systems, that affect IBM SmartCloud Provisioning 2.1 for Software Virtual Appliance CVE-2014-5119, CVE-2014-0475. Vulnerability Details CVE-ID: CVE-2014-511...

Security Bulletin: IBM Software Delivery and Lifecycle Patterns for the glibc vulnerabilities (CVE-2014-5119)

Summary IBM Software Delivery and Lifecycle Patterns requires client action for the glibc vulnerabilities. The GNU C Library glibc is vulnerable to a heap-based buffer overflow, a local attacker could exploit this vulnerability to overflow a buffer and execute arbitrary code on the system with ro...

Security Bulletin: Vulnerabilities in Bash and GNU C Library affect WebSphere Transformation Extender (WTX) with Launcher Hypervisor Edition (CVE-2014-6271, CVE-2014-6277, CVE-2014-6278, CVE-2014-7169, CVE-2014-5119, CVE-2014-7186, CVE-2014-7187)

Summary Bash and GNU C Library vulnerabilities were disclosed in September 2014. This bulletin addresses the vulnerabilities that have been referred to as “Bash Bug” or “Shellshock”, a heap-based buffer overflow, and two memory corruption vulnerabilities. Bash and glibc are included in Red Hat...

Security Bulletin: Vulnerabilities in glibc affect ”WebSphere Message Broker v8 HVE” and “IBM Integration Bus V9 HVE” (CVE-2014-5119)

Summary A glibc vulnerability was disclosed in September 2014. This bulletin addresses this vulnerability that has been referred to as “glibc: off-by-one error leading to a heap-based buffer overflow flaw in gconvtranslitfind “. glibc is shipped with ”WebSphere Message Broker v8 HVE” and “IBM...

Security Bulletin: IBM Workload Deployer - Proof of Concept exploit code, which uses a flaw in glibc that can allow a local unprivileged user to gain root on Linux machine

Summary Proof of Concept exploit code, which uses a flaw in glibc that can allow a local unprivileged user to gain root on a Linux machine. This affects virtual machines deployed by IBM Workload Deployer using the IBM OS Image for RedHat Linux version 2.0, 2.0.0.1, 2.0.0.2, 2.0.0.3, 2.0.0.4 and...

SUSE: Security Advisory for glibc (SUSE-SU-2014:1129-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Amazon Linux: Security Advisory (ALAS-2014-399)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES10 Security Update : glibc (SUSE-SU-2014:1119-1)

This glibc update fixes a critical privilege escalation problem and the following security and non security issues : - bnc892073: An off-by-one error leading to a heap-based buffer overflow was found in gconvtranslitfind. An exploit that targets the problem is publicly available. CVE-2014-5119 -...

Debian DLA-43-1 : eglibc security update

CVE-2014-0475 Stephane Chazelas discovered that the GNU C library, glibc, processed '..' path segments in locale-related environment variables, possibly allowing attackers to circumvent intended restrictions, such as ForceCommand in OpenSSH, assuming that they can supply crafted locale settings...

Fedora Update for glibc FEDORA-2015-2845

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OracleVM 3.2 : glibc (OVMSA-2015-0023) (GHOST)

The remote OracleVM system is missing necessary patches to address critical security updates : - Switch to use malloc when the input line is too long Orabug 19951108 - Use a /sys/devices/system/cpu/online for SCNPROCESSORSONLN implementation Orabug 17642251 Joe Jin - Fix parsing of numeric hosts ...

glibc security update

Oracle Linux 7: 2.17-55.0.4.el70.5 - Remove strstr and strcasestr implementations using sse4.2 instructions. - Upstream commits 584b18eb4df61ccd447db2dfe8c8a7901f8c8598 and 1818483b15d22016b0eae41d37ee91cc87b37510 backported. Jose E. Marchesi 2.17-55.5 - Rebuild and run regression testing...