Denial Of Service (DoS) Through Stack Buffer Underflow
libarchive.so is vulnerable to denial of service (DoS). The vulnerability exists due to a possible stack buffer underflow issue when parsing the ar header...
gdal/gdal_translate_fuzzer: Stack-buffer-underflow in reduce
Project: https://github.com/OSGeo/gdal.git Detailed report: https://oss-fuzz.com/testcase?key=5156689281024000 Project: gdal Fuzzer: aflgdaltranslatefuzzer Fuzz target binary: gdaltranslatefuzzer Job Type: aflasangdal Platform Id: linux Crash Type: Stack-buffer-underflow READ 4 Crash Address:...
EulerOS 2.0 SP1 : ruby (EulerOS-SA-2018-1066)
According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: It was discovered that the Net::FTP module did not properly process filenames in combination with certain operations. A remote attacker could...
EulerOS 2.0 SP2 : ruby (EulerOS-SA-2018-1067)
According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: It was discovered that the Net::FTP module did not properly process filenames in combination with certain operations. A remote attacker could...
ruby, rubygem, rubygems security update
CentOS Errata and Security Advisory CESA-2018:0378. An update for ruby is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity...
Scientific Linux Security Update : ruby on SL7.x x86_64 (20180228)
Security Fixes: It was discovered that the Net::FTP module did not properly process filenames in combination with certain operations. A remote attacker could exploit this flaw to execute arbitrary commands by setting up a malicious FTP server and tricking a user or Ruby application into...
Important: Red Hat Security Advisory: ruby security update
An update for ruby is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the...
ruby: Buffer underrun vulnerability in Kernel.sprintf
A buffer underflow was found in Ruby's sprintf function. An attacker with the ability to control its format string parameter could send a specially crafted string that would disclose heap memory or crash the interpreter...
EulerOS 2.0 SP1 : glibc (EulerOS-SA-2018-1047)
According to the version of the glibc packages installed, the EulerOS installation on the remote host is affected by the following vulnerability: In glibc 2.26 and earlier there is confusion in the usage of getcwd by realpath which can be used to write before the destination buffer leading to ...
EulerOS 2.0 SP2 : glibc (EulerOS-SA-2018-1048)
According to the version of the glibc packages installed, the EulerOS installation on the remote host is affected by the following vulnerability: In glibc 2.26 and earlier there is confusion in the usage of getcwd by realpath which can be used to write before the destination buffer leading to ...
Debian: Security Advisory (DLA-1037-1)
The remote host is missing an update for the Debian...
Type confusion
In glibc 2.26 and earlier there is confusion in the usage of getcwd by realpath which can be used to write before the destination buffer leading to a buffer underflow and potential code execution...
CVE-2018-1000001
In glibc 2.26 and earlier there is confusion in the usage of getcwd by realpath which can be used to write before the destination buffer leading to a buffer underflow and potential code execution...
DEBIAN-CVE-2018-1000001
In glibc 2.26 and earlier there is confusion in the usage of getcwd by realpath which can be used to write before the destination buffer leading to a buffer underflow and potential code execution...
CVE-2018-1000001
CVE-2018-1000001 affects glibc up to version 2.26; realpath() can underflow a destination buffer when getcwd() returns a relative path, enabling local privilege escalation. Connected advisories confirm the issue and list affected packages (glibc and related). Remediation in documented advisories ...
CVE-2018-1000001
In glibc 2.26 and earlier there is confusion in the usage of getcwd by realpath which can be used to write before the destination buffer leading to a buffer underflow and potential code execution.
[ASA-201801-18] glibc: privilege escalation
Arch Linux Security Advisory ASA-201801-18. Severity: High. Date: 2018-01-28. CVE-ID: CVE-2018-1000001. Package: glibc. Type: privilege escalation. Remote: No. Link: https://security.archlinux.org/AVG-590. Summary: The package glibc before version...