Cypress Solutions CTM-200 2.7.1 Root Remote OS Command Injection

Cypress Solutions CTM-200 2.7.1 Root Remote OS Command Injection Vendor: Cypress Solutions Inc. Product web page: https://www.cypress.bc.ca Affected version: 2.7.1.5659 2.0.5.3356-184 Summary: CTM-200 is the industrial cellular wireless gateway for fixed and mobile applications. The CTM-200 is a...

Libelfin 注入漏洞

Libelfin is a C 11 library for reading ELF binaries and DWARFv4 debug information. linetable::linetable function of Libelfin 0.3 is vulnerable to a denial of service. An attacker could exploit this vulnerability to cause a denial of service via a specially crafted ELF file causing a segmentation...

Huawei EulerOS: Security Advisory for gdb (EulerOS-SA-2020-1788)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 3.0.6.0 : gdb (EulerOS-SA-2020-1788)

According to the version of the gdb package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - GNU Debugger GDB 8.0 and earlier fails to detect a negative length field in a DWARF section. A malformed section in an ELF binary or a...

Low: Red Hat Security Advisory: file security update

An update for file is now available for Red Hat Enterprise Linux 7.7 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

gdb: buffer overflow while opening an ELF for debugging leads to Dos, information dislosure and code execution

GNU gdb All versions is affected by: Buffer Overflow - Out of bound memory access. The impact is: Deny of Service, Memory Disclosure, and Possible Code Execution. The component is: The main gdb module. The attack vector is: Open an ELF for debugging. The fixed version is: Not fixed yet...

Denial Of Service (DoS)

systemtap is vulnerable to denial of service. An invalid pointer read flaw was found in the way SystemTap handled malformed debugging information in DWARF format. When SystemTap unprivileged mode was enabled, an unprivileged user in the stapusr group could use this flaw to crash the system or,...

GLSA-202003-31 : gdb: Buffer overflow

The remote host is affected by the vulnerability described in GLSA-202003-31 gdb: Buffer overflow It was discovered that gdb didnt properly validate the ELF section sizes from input file. Impact : A remote attacker could entice a user to open a specially crafted ELF binary using gdb, possibly...

Huawei EulerOS: Security Advisory for gdb (EulerOS-SA-2019-2279)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization for ARM 64 3.0.5.0 : gdb (EulerOS-SA-2020-1088)

According to the version of the gdb package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - GNU Debugger GDB 8.0 and earlier fails to detect a negative length field in a DWARF section. A malformed section in an ELF...

EulerOS 2.0 SP3 : gdb (EulerOS-SA-2019-2584)

According to the version of the gdb packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - GNU Debugger GDB 8.0 and earlier fails to detect a negative length field in a DWARF section. A malformed section in an ELF binary or a core file can...

EulerOS 2.0 SP8 : gdb (EulerOS-SA-2019-2279)

According to the version of the gdb packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - GNU Debugger GDB 8.0 and earlier fails to detect a negative length field in a DWARF section. A malformed section in an ELF binary or a core file can...

EulerOS 2.0 SP5 : gdb (EulerOS-SA-2019-1965)

According to the version of the gdb packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - GNU Debugger GDB 8.0 and earlier fails to detect a negative length field in a DWARF section. A malformed section in an ELF binary or a core file can...

UBUNTU-CVE-2019-11190

The Linux kernel before 4.8 allows local users to bypass ASLR on setuid programs such as /bin/su because installexeccreds is called too late in loadelfbinary in fs/binfmtelf.c, and thus the ptracemayaccess check has a race condition when reading /proc/pid/stat...

CVE-2018-6924

In FreeBSD before 11.1-STABLE, 11.2-RELEASE-p3, 11.1-RELEASE-p14, 10.4-STABLE, and 10.4-RELEASE-p12, insufficient validation in the ELF header parser could allow a malicious ELF binary to cause a kernel crash or disclose kernel memory...

GLSA-201710-02 : file: Stack-based buffer overflow

The remote host is affected by the vulnerability described in GLSA-201710-02 file: Stack-based buffer overflow An issue discovered in file allows attackers to write 20 bytes to the stack buffer via a specially crafted .notes section. Impact : A remote attacker, by using a specially crafted .notes...

file: Stack-based buffer overflow

Background file is a utility that guesses a file format by scanning binary data for patterns. Description An issue discovered in file allows attackers to write 20 bytes to the stack buffer via a specially crafted .notes section. Impact A remote attacker, by using a specially crafted .notes sectio...

DEBIAN-CVE-2017-1000253

Linux distributions that have not patched their long-term kernels with https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86 committed on April 14, 2015. This kernel vulnerability was fixed in April 2015 by commit a87938b2e246b81b4fb713edb371a9fa3c5c3c86 backported to Linux 3.10.7...

Amazon Linux AMI : file (ALAS-2017-900)

An issue in file allowed an attacker to overwrite a fixed 20-byte stack buffer with a specially crafted .notes section in an ELF binary. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Amazon Linux AMI Security Advisory ALAS-2017-900...

Important: file

Issue Overview: An issue in file allowed an attacker to overwrite a fixed 20-byte stack buffer with a specially crafted .notes section in an ELF binary. Affected Packages: file Issue Correction: Run yum update file or yum update --advisory ALAS-2017-900 to update your system. New Packages: i686:...