19 matches found
openSUSE Security Update : glibc (openSUSE-SU-2010:0913-1)
This update of glibc fixes various bugs and security issues : CVE-2010-3847: Decoding of the $ORIGIN special value in various LD environment variables allowed local attackers to execute code in context of e.g. setuid root programs, elevating privileges. This issue does not affect SUSE as an...
SuSE9 Security Update : glibc (YOU Patch Number 12641)
Several security issues were fixed : - Integer overflow causing arbitrary code execution in ld.so --verify mode could be induced by a specially crafted binary. CVE-2010-0830 - The addmntent function would not escape the newline character properly, allowing the user to insert arbitrary newlines to...
Mandriva Update for glibc MDVSA-2010:112 (glibc)
Check for the Version of glibc OpenVAS Vulnerability Test Mandriva Update for glibc MDVSA-2010:112 glibc Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
Mandriva Update for glibc MDVSA-2010:112 (glibc)
Check for the Version of glibc OpenVAS Vulnerability Test Mandriva Update for glibc MDVSA-2010:112 glibc Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
[SECURITY] [DSA 2058-1] New glibc packages fix several vulnerabilities
------------------------------------------------------------------------ Debian Security Advisory DSA-2058-1 [email protected] http://www.debian.org/security/ Aurelien Jarno June 10, 2010 http://www.debian.org/security/faq -...
[SECURITY] [DSA 2058-1] New glibc packages fix several vulnerabilities
------------------------------------------------------------------------ Debian Security Advisory DSA-2058-1 [email protected] http://www.debian.org/security/ Aurelien Jarno June 10, 2010 http://www.debian.org/security/faq -...
Integer overflow
Integer overflow in the vstrfmonl function in stdlib/strfmonl.c in the strfmon implementation in the GNU C Library aka glibc or libc6 before 2.10.1 allows context-dependent attackers to cause a denial of service application crash via a crafted format string, as demonstrated by the...
Integer overflow
Multiple integer overflows in the strfmon implementation in the GNU C Library aka glibc or libc6 2.10.1 and earlier allow context-dependent attackers to cause a denial of service memory consumption or application crash via a crafted format string, as demonstrated by a crafted first argument to th...
CVE-2009-4880
Multiple integer overflows in the strfmon implementation in the GNU C Library aka glibc or libc6 2.10.1 and earlier allow context-dependent attackers to cause a denial of service memory consumption or application crash via a crafted format string, as demonstrated by a crafted first argument to th...
CVE-2009-4881
Integer overflow in the vstrfmonl function in stdlib/strfmonl.c in the strfmon implementation in the GNU C Library aka glibc or libc6 before 2.10.1 allows context-dependent attackers to cause a denial of service application crash via a crafted format string, as demonstrated by the...
CVE-2009-4881
Integer overflow in the vstrfmonl function in stdlib/strfmonl.c in the strfmon implementation in the GNU C Library aka glibc or libc6 before 2.10.1 allows context-dependent attackers to cause a denial of service application crash via a crafted format string, as demonstrated by the...
Ubuntu: Security Advisory (USN-944-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu Update for glibc, eglibc vulnerabilities USN-944-1
Ubuntu Update for Linux kernel vulnerabilities USN-944-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN9441.nasl 7965 2017-12-01 07:38:25Z santu $ Ubuntu Update for glibc, eglibc vulnerabilities USN-944-1 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH,...
[USN-944-1] GNU C Library vulnerabilities
=========================================================== Ubuntu Security Notice USN-944-1 May 25, 2010 glibc, eglibc vulnerabilities CVE-2008-1391, CVE-2010-0296, CVE-2010-0830 =========================================================== A security issue affects the following Ubuntu releases:...
Ubuntu 6.06 LTS / 8.04 LTS / 9.04 / 9.10 / 10.04 LTS : glibc, eglibc vulnerabilities (USN-944-1)
Maksymilian Arciemowicz discovered that the GNU C library did not correctly handle integer overflows in the strfmon function. If a user or automated system were tricked into processing a specially crafted format string, a remote attacker could crash applications, leading to a denial of service...
CVE-2009-4880
Multiple integer overflows in the strfmon implementation in the GNU C Library aka glibc or libc6 2.10.1 and earlier allow context-dependent attackers to cause a denial of service memory consumption or application crash via a crafted format string, as demonstrated by a crafted first argument to th...
Mac OS X 10.5.6 Update / Mac OS X Security Update 2008-008
The remote host is missing Mac OS X 10.5.6 Update / Mac OS X Security Update 2008-008. One or more of the following components are affected: ATS BOM CoreGraphics CoreServices CoreTypes Flash Player Plug-in Kernel Libsystem Managed Client networkcmds Podcast Producer UDF OpenVAS Vulnerability Test...
多个BSD平台'strfmon()'函数整数溢出漏洞
BUGTRAQ ID: 28479 CVE ID:CVE-2008-1391 CNCVE ID:CNCVE-20081391 多个BSD平台'strfmon'函数处理存在整数溢出,可能以受影响应用程序上下文执行任意代码。失败的尝试可导致拒绝服务。 问题代码类似如下: include monetary.h ssizet strfmonchar restrict s, sizet maxsize, const char restrict format, ...; - --- 1. /usr/src/lib/libc/stdlib/strfmon.c -整数溢出...
CVE-2008-1391
CVE-2008-1391 is an integer overflow in the GNU C Library (glibc) strfmon width specifier handling that may be triggered by an attacker who can control the format string passed to strfmon (and related to printf in some contexts). The connected Nessus/OpenVAS entries indicate this vulnerability wa...