7 matches found
Linux Distros Unpatched Vulnerability : CVE-2011-0524
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple buffer overflows in the NMEA parser nmea-gen.c in gypsy 0.8 allow local users to cause a denial of service crash via unspecified vectors related to the...
RHEL 6 : gypsy (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - gypsy: multiple vulnerabilities CVE-2011-0523 - Multiple buffer overflows in the NMEA parser nmea-gen.c i...
openSUSE Security Update : gypsy (openSUSE-SU-2012:0884-1)
The following changes have been made : - Add gypsy-CVE-2011-0523.patch: add config file to restrict the files that can be read. Fix CVE-2011-0523 and bnc666839. - Add gypsy-CVE-2011-0524.patch: use snprintf to avoid buffer overflows. Fix CVE-2011-0524 and bnc666839. - Add gnome-common BuildRequir...
Fedora Update for gypsy FEDORA-2013-8687
Check for the Version of gypsy OpenVAS Vulnerability Test Fedora Update for gypsy FEDORA-2013-8687 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...
Fedora Update for gypsy FEDORA-2013-8705
Check for the Version of gypsy OpenVAS Vulnerability Test Fedora Update for gypsy FEDORA-2013-8705 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...
Fedora 19 : gypsy-0.9-1.fc19 (2013-8659)
New upstream 0.9 release - add patch to fix FTBSF due to deprecated gtypeinit - Fix CVE-2011-0523 - read arbitrary files as the root user on behalf of a regular user - Fix CVE-2011-0524 - buffer overflow in nmea device input handling code no longer in existence - aarch64 support - Fix segfault...
CVE-2011-0524
CVE-2011-0524 concerns gypsy 0.8, where multiple buffer overflows in the NMEA parser (nmea-gen.c) allow local users to crash the process via the sprintf-based vulnerability. The issue is tied to the NMEA parser’s use of sprintf, enabling denial of service when running gypsy 0.8. Connected sources...