50 matches found
Linux Distros Unpatched Vulnerability : CVE-2014-7817
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The wordexp function in GNU C Library aka glibc 2.21 does not enforce the WRDENOCMD flag, which allows context-dependent attackers to execute arbitrary commands...
K16010: GNU C Library (glibc) vulnerability CVE-2014-7817
Security Advisory Description The wordexp function in GNU C Library aka glibc 2.21 does not enforce the WRDENOCMD flag, which allows context-dependent attackers to execute arbitrary commands, as demonstrated by input containing "$...". CVE-2014-7817 Impact An attacker with local access and...
Ubuntu: Security Advisory (USN-2432-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2014-0496)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: GNU C Library (glibc) Vulnerability Affects Power Hardware Management Console (CVE-2015-0235, CVE-2014-6040, CVE-2014-7817)
Summary GNU C library glibc vulnerability that has been referred to as GHOST affects Power Hardware Management Console. Vulnerability Details CVEID: CVE-2015-0235 DESCRIPTION:The gethostbyname functions of the GNU C Library glibc are vulnerable to a buffer overflow. By sending a specially crafted...
Security Bulletin: Vulnerabilities in GNU C Library Affect Power Hardware Management Console (CVE-2013-7423, CVE-2014-7817, CVE-2014-9402, CVE-2015-1472)
Summary GNU C Library is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2013-7423 DESCRIPTION:The senddg function in resolv/ressend.c in GNU C Library aka glibc or libc6 before 2.20 does not properly reuse file descriptors,...
SUSE: Security Advisory (SUSE-SU-2015:0439-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2015:0551-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: Multiple vulnerabilities in GNU C Library (glibc), OpenSSL and NTP affect IBM Flex System Chassis Management Module (CMM)
Summary Vulnerabilities in GNU C Library glibc, OpenSSL and NTP affect IBM Flex System Chassis Management Module. IBM Flex System Chassis Management Module has addressed the CVEs listed below. Vulnerability Details Summary Vulnerabilities in GNU C Library glibc, OpenSSL and NTP affect IBM Flex...
Security Bulletin: IBM BladeCenter Advanced Management Module is affected by glibc vulnerabilities (CVE-2015-1472, CVE-2013-7423, CVE-2014-7817, and CVE-2014-9402)
Summary Security vulnerabilities in glibc affect IBM BladeCenter Advanced Management Module AMM. Vulnerability Details Summary Security vulnerabilities in glibc affect IBM BladeCenter Advanced Management Module AMM. Vulnerability Details: CVE-ID: CVE-2013-7423 Description: GNU glibc could allow a...
Security Bulletin: PowerKVM is affected by glibc vulnerabilities (Multiple CVEs)
Summary PowerKVM is affected by multiple glibc vulnerabilities. Vulnerability Details CVEID: CVE-2014-6040 DESCRIPTION: The GNU C Library glibc is vulnerable to a denial of service, caused by the improper validation of input by the iconv function when converting IBM933, IBM935, IBM937, IBM939 or...
Security Bulletin: Open Source GNU glibc vulnerabilities on IBM SONAS (CVE-2014-7817, CVE-2014-9087)
Summary IBM SONAS is shipped with GNU glibc, for which fixes are available for two security vulnerabilities. Vulnerability Details CVEID: CVE-2014-7817 DESCRIPTION: Provide sufficient details for someone to tell if they have the problem, but not enough detail that someone with malicious intent...
Security Bulletin: Open Source GNU glibc vulnerabilities on IBM Storwize V7000 Unified (CVE-2014-7817, CVE-2014-9087)
Summary IBM Storwize V7000 Unified is shipped with GNU glibc, for which fixes are available for two security vulnerabilities. Vulnerability Details CVEID: CVE-2014-7817 DESCRIPTION: GNU C Library glibc could allow a local attacker to execute arbitrary commands on the system. An attacker could...
F5 BIG-IP - GNU C Library (glibc) vulnerability CVE-2014-7817
The remote host is missing a security patch. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/h:f5:big-ip"; if description...
F5 Networks BIG-IP : GNU C Library (glibc) vulnerability (SOL16010)
The wordexp function in GNU C Library aka glibc 2.21 does not enforce the WRDENOCMD flag, which allows context-dependent attackers to execute arbitrary commands, as demonstrated by input containing '$...'. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin wer...
SUSE SLED12 / SLES12 Security Update : glibc (SUSE-SU-2015:0526-1)
glibc has been updated to fix four security issues. These security issues were fixed : - CVE-2014-7817: The wordexp function in GNU C Library aka glibc 2.21 did not enforce the WRDENOCMD flag, which allowed context-dependent attackers to execute arbitrary commands, as demonstrated by input...
Debian DLA-97-1 : eglibc security update
CVE-2012-6656 Fix validation check when converting from ibm930 to utf. When converting IBM930 code with iconv, if IBM930 code which includes invalid multibyte character '0xffff' is specified, then iconv segfaults. CVE-2014-6040 Crashes on invalid input in IBM gconv modules BZ 17325 These changes...
SuSE 11.3 Security Update : glibc (SAT Patch Number 10357)
glibc has ben updated to fix three security issues : - wordexp failed to honour WRDENOCMD bsc906371. CVE-2014-7817 - Fixed invalid file descriptor reuse while sending DNS query bsc915526. CVE-2013-7423 - Fixed buffer overflow in wscanf bsc916222 These non-security issues have been fixed:...
Fedora 20 : glibc-2.18-19.fc20 (2015-2845)
Fix CVE-2014-6040: crash in code page decoding functions IBM933, IBM935, IBM937, IBM939, IBM1364 - Fix CVE-2014-7817: command execution in wordexp with WRDENOCMD specified Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory...
Fedora Update for glibc FEDORA-2015-2845
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...