Oracle Linux 6 : glibc (ELSA-2011-1526)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2011-1526 advisory. - Report write error in addmnt even for cached streams 688980, CVE-2011-1089 Tenable has extracted the preceding description block directly from the...

SUSE: Security Advisory (SUSE-SU-2013:1251-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Privilege Escalation

glibc is vulnerable to privilege escalation. It was discovered that the glibc addmntent function did not sanitize its input properly. A local attacker could possibly use this flaw to inject malformed lines into /etc/mtab via certain setuid mount helpers, if the attacker were allowed to mount to a...

SUSE SLED10 / SLES10 Security Update : glibc (SUSE-SU-2012:1488-1)

This collective update to the GNU Lib C library glibc provides the following fixes : - Make addmntent return errors also for cached streams bnc676178, CVE-2011-1089 - Fix overflows in vfprintf bnc770891, CVE-2012-3406 - Fix incomplete results from nscd bnc753756 - Fix a deadlock in dlsym in case...

UBUNTU-CVE-2011-1749

The nfsaddmntent function in support/nfs/nfsmntent.c in the mount.nsf tool in nfs-utils before 1.2.4 attempts to append to the /etc/mtab file without first checking whether resource limits would interfere, which allows local users to corrupt this file via a process with a small RLIMITFSIZE value,...

SuSE 10 Security Update : glibc (ZYPP Patch Number 8351)

This collective update to the GNU Lib C library glibc provides the following fixes : - Make addmntent return errors also for cached streams. bnc676178, CVE-2011-1089 - Fix overflows in vfprintf. bnc770891, CVE-2012-3406 - Fix incomplete results from nscd. bnc753756 - Fix a deadlock in dlsym in ca...

Scientific Linux Security Update : glibc on SL6.x i386/x86_64

The glibc packages contain the standard C libraries used by multiple programs on the system. These packages contain the standard C and the standard math libraries. Without these two libraries, a Linux system cannot function properly. A flaw was found in the way the ldd utility identified...

CentOS Update for glibc CESA-2012:0125 centos4

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

CentOS Update for glibc CESA-2012:0125 centos4

Check for the Version of glibc OpenVAS Vulnerability Test CentOS Update for glibc CESA-2012:0125 centos4 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

CentOS Update for glibc CESA-2011:0412 centos5 x86_64

Check for the Version of glibc OpenVAS Vulnerability Test CentOS Update for glibc CESA-2011:0412 centos5 x8664 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...

Ubuntu Update for eglibc USN-1396-1

Ubuntu Update for Linux kernel vulnerabilities USN-1396-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN13961.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for eglibc USN-1396-1 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This...

USN-1396-1: GNU C Library vulnerabilities

It was discovered that the GNU C Library did not properly handle integer overflows in the timezone handling code. An attacker could use this to possibly execute arbitrary code by convincing an application to load a maliciously constructed tzfile. CVE-2009-5029 It was discovered that the GNU C...

glibc: Suid mount helpers fail to anticipate RLIMIT_FSIZE

The addmntent function in the GNU C Library aka glibc or libc6 2.13 and earlier does not report an error status for failed attempts to write to the /etc/mtab file, which makes it easier for local users to trigger corruption of this file, as demonstrated by writes from a process with a small...

glibc: Suid mount helpers fail to anticipate RLIMIT_FSIZE

The addmntent function in the GNU C Library aka glibc or libc6 2.13 and earlier does not report an error status for failed attempts to write to the /etc/mtab file, which makes it easier for local users to trigger corruption of this file, as demonstrated by writes from a process with a small...

SuSE 11.1 Security Update : glibc (SAT Patch Number 2700)

This update of glibc fixes the following bugs and security issues : - The implementation of initgroups of the nsscompat module omits all NIS groups at the second invocation within the same process, and also uses a needlessly inefficient method to determine the NIS groups. - An integer overflow th...

glibc: Suid mount helpers fail to anticipate RLIMIT_FSIZE

The addmntent function in the GNU C Library aka glibc or libc6 2.13 and earlier does not report an error status for failed attempts to write to the /etc/mtab file, which makes it easier for local users to trigger corruption of this file, as demonstrated by writes from a process with a small...

CVE-2011-1089

The addmntent function in the GNU C Library aka glibc or libc6 2.13 and earlier does not report an error status for failed attempts to write to the /etc/mtab file, which makes it easier for local users to trigger corruption of this file, as demonstrated by writes from a process with a small...

CVE-2011-1089

The addmntent function in the GNU C Library aka glibc or libc6 2.13 and earlier does not report an error status for failed attempts to write to the /etc/mtab file, which makes it easier for local users to trigger corruption of this file, as demonstrated by writes from a process with a small...

CVE-2011-1089

The addmntent function in the GNU C Library aka glibc or libc6 2.13 and earlier does not report an error status for failed attempts to write to the /etc/mtab file, which makes it easier for local users to trigger corruption of this file, as demonstrated by writes from a process with a small...

glibc security update

2.5-58.el56.2 - Avoid too much stack use in fnmatch 681054, CVE-2011-1071 - Properly quote output of locale 625893, CVE-2011-1095 - Don't leave empty element in rpath when skipping the first element, ignore rpath elements containing non-isolated use of when privileged 667974, CVE-2011-0536 - Fix...