MiracleLinux 3 : glibc-2.5-81.4.0.1.AXS3 (AXSA:2012-695:04)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2012-695:04 advisory. The glibc package contains standard libraries which are used by multiple programs on the system. In order to save disk space and memory, as well as to make...

K16364: GNU C Library (glibc) vulnerability CVE-2012-3406

Security Advisory Description The vfprintf function in stdio-common/vfprintf.c in GNU C Library aka glibc 2.5, 2.12, and probably other versions does not "properly restrict the use of" the alloca function when allocating the SPECS array, which allows context-dependent attackers to bypass the...

Mageia: Security Advisory (MGASA-2015-0013)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2012:1488-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DSA 3169-1] eglibc security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ---------------------------------------------------------------------- Debian Security Advisory DSA-3169-1 [email protected] http://www.debian.org/security/ Aurelien Jarno February 23, 2015 http://www.debian.org/security/faq -...

[SECURITY] [DLA 165-1] eglibc security update

Package : eglibc Version : 2.11.3-4+deb6u5 CVE ID : CVE-2012-3405 CVE-2012-3406 CVE-2012-3480 CVE-2012-4412 CVE-2012-4424 CVE-2013-0242 CVE-2013-1914 CVE-2013-4237 CVE-2013-4332 CVE-2013-4357 CVE-2013-4458 CVE-2013-4788 CVE-2013-7423 CVE-2013-7424 CVE-2014-4043 CVE-2015-1472 CVE-2015-1473 Debian...

Debian DSA-3169-1 : eglibc - security update

Several vulnerabilities have been fixed in eglibc, Debian's version of the GNU C library : - CVE-2012-3406 The vfprintf function in stdio-common/vfprintf.c in GNU C Library aka glibc 2.5, 2.12, and probably other versions does not 'properly restrict the use of' the alloca function when allocating...

[SECURITY] [DSA 3169-1] eglibc security update

---------------------------------------------------------------------- Debian Security Advisory DSA-3169-1 [email protected] http://www.debian.org/security/ Aurelien Jarno February 23, 2015 http://www.debian.org/security/faq -...

Debian Security Advisory DSA 3169-1 (eglibc - security update)

Several vulnerabilities have been fixed in eglibc, Debian OpenVAS Vulnerability Test $Id: deb3169.nasl 6608 2017-07-07 12:05:05Z cfischer $ Auto-generated from advisory DSA 3169-1 using nvtgen 1.0 Script version: 1.0 Author: Greenbone Networks Copyright: Copyright c 2016 Greenbone Networks GmbH...

glibc: arbitrary code execution

CVE-2012-3406 arbitrary code execution The vfprintf function in stdio-common/vfprintf.c in GNU C Library does not "properly restrict the use of" the alloca function when allocating the SPECS array, which allows context-dependent attackers to bypass the FORTIFYSOURCE format-string protection...

RHEL 6 : rhev-hypervisor6 (RHSA-2012:1200)

The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2012:1200 advisory. The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization...

CVE-2012-3406

The vfprintf function in stdio-common/vfprintf.c in GNU C Library aka glibc 2.5, 2.12, and probably other versions does not "properly restrict the use of" the alloca function when allocating the SPECS array, which allows context-dependent attackers to bypass the FORTIFYSOURCE format-string...

CVE-2012-3406

The CVE-2012-3406 issue concerns glibc’s vfprintf (stdio-common/vfprintf.c). It states that glibc 2.5, 2.12, and likely other versions fail to properly restrict the use of alloca when allocating the SPECS array, which can bypass FORTIFY_SOURCE format-string protection and lead to a denial of serv...

CVE-2012-3406

The vfprintf function in stdio-common/vfprintf.c in GNU C Library aka glibc 2.5, 2.12, and probably other versions does not "properly restrict the use of" the alloca function when allocating the SPECS array, which allows context-dependent attackers to bypass the FORTIFYSOURCE format-string...

Amazon Linux AMI : glibc (ALAS-2012-109)

Multiple errors in glibc's formatted printing functionality could allow an attacker to bypass FORTIFYSOURCE protections and execute arbitrary code using a format string flaw in an application, even though these protections are expected to limit the impact of such flaws to an application abort. C...

VMSA-2012-0018 VMware security updates for vCSA and ESXi

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 VMware Security Advisory Advisory ID: VMSA-2012-0018 Synopsis: VMware security updates for vCSA and ESXi Issue date: 2012-12-20 Updated on: 2012-12-20 initial advisory CVE numbers: ------------- vCSA --------------- CVE-2012-6324, CVE-2012-6325...

Ubuntu 8.04 LTS / 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : eglibc, glibc vulnerabilities (USN-1589-1)

It was discovered that positional arguments to the printf family of functions were not handled properly in the GNU C Library. An attacker could possibly use this to cause a stack-based buffer overflow, creating a denial of service or possibly execute arbitrary code. CVE-2012-3404, CVE-2012-3405,...

Fedora Update for glibc FEDORA-2012-11508

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Moderate: Red Hat Security Advisory: rhev-hypervisor6 security and bug fix update

An updated rhev-hypervisor6 package that fixes multiple security issues and various bugs is now available. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

(RHSA-2012:1185) Moderate: rhev-hypervisor5 security and bug fix update

The rhev-hypervisor5 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine KVM hypervisor. It includes everything necessary to run and manage virtual machines: A subset of the Re...