25 matches found
EUVD-2000-0999
Malware in sbrugna...
K39250133: glibc vulnerability CVE-2015-8779
Security Advisory Description Stack-based buffer overflow in the catopen function in the GNU C Library aka glibc or libc6 before 2.23 allows context-dependent attackers to cause a denial of service application crash or possibly execute arbitrary code via a long catalog name. CVE-2015-8779 Impact ...
SUSE CVE-2015-8779
Stack-based buffer overflow in the catopen function in the GNU C Library aka glibc or libc6 before 2.23 allows context-dependent attackers to cause a denial of service application crash or possibly execute arbitrary code via a long catalog name...
RedHat Update for glibc RHSA-2017:1916-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
glibc: Unbounded stack allocation in catopen function
A stack based buffer overflow vulnerability was found in the catopen function. An excessively long string passed to the function could cause it to crash or, potentially, execute arbitrary code...
Scientific Linux Security Update : glibc on SL6.x i386/x86_64 (20170321)
Security Fixes : - A stack overflow vulnerability was found in nan functions that could cause applications, which process long strings with the nan function, to crash or, potentially, execute arbitrary code. CVE-2014-9761 - It was found that out-of-range time values passed to the strftime functio...
glibc: Unbounded stack allocation in catopen function
A stack based buffer overflow vulnerability was found in the catopen function. An excessively long string passed to the function could cause it to crash or, potentially, execute arbitrary code...
USN-2985-2: GNU C Library regression
USN-2985-1 fixed vulnerabilities in the GNU C Library. The fix for CVE-2014-9761 introduced a regression which affected applications that use the libm library but were not fully restarted after the upgrade. This update removes the fix for CVE-2014-9761 and a future update will be provided to...
Ubuntu 14.04 LTS : GNU C Library vulnerabilities (USN-2985-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2985-1 advisory. Martin Carpenter discovered that ptchown in the GNU C Library did not properly check permissions for tty files. A local attacker could use this to gain...
USN-2985-1: GNU C Library vulnerabilities
Martin Carpenter discovered that ptchown in the GNU C Library did not properly check permissions for tty files. A local attacker could use this to gain administrative privileges or expose sensitive information. CVE-2013-2207, CVE-2016-2856 Robin Hack discovered that the Name Service Switch NSS...
CVE-2015-8779
Stack-based buffer overflow in the catopen function in the GNU C Library aka glibc or libc6 before 2.23 allows context-dependent attackers to cause a denial of service application crash or possibly execute arbitrary code via a long catalog name...
DEBIAN-CVE-2015-8779
Stack-based buffer overflow in the catopen function in the GNU C Library aka glibc or libc6 before 2.23 allows context-dependent attackers to cause a denial of service application crash or possibly execute arbitrary code via a long catalog name...
Stack overflow
Stack-based buffer overflow in the catopen function in the GNU C Library aka glibc or libc6 before 2.23 allows context-dependent attackers to cause a denial of service application crash or possibly execute arbitrary code via a long catalog name...
UBUNTU-CVE-2015-8779
Stack-based buffer overflow in the catopen function in the GNU C Library aka glibc or libc6 before 2.23 allows context-dependent attackers to cause a denial of service application crash or possibly execute arbitrary code via a long catalog name...
Debian DSA-3481-1 : glibc - security update
Several vulnerabilities have been fixed in the GNU C Library, glibc. The first vulnerability listed below is considered to have critical impact. - CVE-2015-7547 The Google Security Team and Red Hat discovered that the glibc host name resolver function, getaddrinfo, when processing AFUNSPEC querie...
[SECURITY] [DSA 3481-1] glibc security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3481-1 [email protected] https://www.debian.org/security/ Florian Weimer February 16, 2016 https://www.debian.org/security/faq -...
glibc catopen() Unbounded Stack Allocations
glibc catopen Multiple unbounded stack allocations URL: https://cxsecurity.com/issue/WLB-2016010149 --------------------------------------- PoC: include include include int main char buff; buff=malloc11111111; memsetbuff,'A',11111110; buff11111110='\0'; catopenbuff, NLCATLOCALE; return 0;...
HP-UX 10/11 NLSPATH Environment Variable Format String Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/8985/info HP-UX allows the NLSPATH to be set for setuid root programs, which use catopen3C and may be executed by other local users. This could result in privilege escalation as an attacker could specify an arbitrary path...
HP-UX 10/11 NLSPATH Environment Variable Format String Vulnerability (1)
No description provided by source. source: http://www.securityfocus.com/bid/8985/info HP-UX allows the NLSPATH to be set for setuid root programs, which use catopen3C and may be executed by other local users. This could result in privilege escalation as an attacker could specify an arbitrary path...
HP-UX 1011 - NLSPATH Environment Variable Format String (1)
HP-UX 1011 - NLSPATH Environment Variable Format String 1 // source: https://www.securityfocus.com/bid/8985/info HP-UX allows the NLSPATH to be set for setuid root programs, which use catopen3C and may be executed by other local users. This could result in privilege escalation as an attacker coul...