21 matches found
MiracleLinux 7 : cpio-2.11-24.el7 (AXSA:2015-780:01)
The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2015-780:01 advisory. GNU cpio copies files into or out of a cpio or tar archive. Archives are files which contain a collection of other files plus information about them, such as...
Linux Distros Unpatched Vulnerability : CVE-2014-9112
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heap-based buffer overflow in the processcopyin function in GNU Cpio 2.11 allows remote attackers to cause a denial of service via a large block value in a cpio...
SUSE: Security Advisory (SUSE-SU-2014:1675-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: Vulnerability in cpio affects PowerKVM (CVE-2014-9112)
Summary A vulnerability in GNU cpio CVE-2014-9112 affects PowerKVM. Vulnerability Details CVEID: CVE-2014-9112 DESCRIPTION: GNU cpio is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the processcopyin function. By persuading a victim to extract a specially-craft...
CentOS 7 : cpio (CESA-2015:2108)
Updated cpio packages that fix one security issue and two bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
Oracle: Security Advisory (ELSA-2015-2108)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Gentoo Security Advisory GLSA 201502-11
Gentoo Linux Local Security Checks GLSA 201502-11 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...
Mandriva Linux Security Advisory : cpio (MDVSA-2015:065)
Updated cpio package fixes security vulnerabilities : Heap-based buffer overflow in the processcopyin function in GNU Cpio 2.11 allows remote attackers to cause a denial of service via a large block value in a cpio archive CVE-2014-9112. Additionally, a NULL pointer dereference in the copyinlink...
Ubuntu: Security Advisory (USN-2456-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 14.04 LTS : GNU cpio vulnerabilities (USN-2456-1)
The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-2456-1 advisory. Michal Zalewski discovered an out of bounds write issue in the processcopyin function of GNU cpio. An attacker could specially craft a cpio archive that...
USN-2456-1: GNU cpio vulnerabilities
Michal Zalewski discovered an out of bounds write issue in the processcopyin function of GNU cpio. An attacker could specially craft a cpio archive that could create a denial of service or possibly execute arbitrary code. CVE-2014-9112 Jakob Lell discovered a heap-based buffer overflow in the...
USN-2456-1 cpio vulnerabilities
Michal Zalewski discovered an out of bounds write issue in the processcopyin function of GNU cpio. An attacker could specially craft a cpio archive that could create a denial of service or possibly execute arbitrary code. CVE-2014-9112 Jakob Lell discovered a heap-based buffer overflow in the...
Fedora Update for cpio FEDORA-2014-16168
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DSA 3111-1] cpio security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3111-1 [email protected] http://www.debian.org/security/ Michael Gilbert December 22, 2014 http://www.debian.org/security/faq -...
SuSE 11.3 Security Update : cpio (SAT Patch Number 10070)
This cpio update fixes the following security issue : - heap-based buffer overflow flaw in listfile CVE-2014-9112. bnc907456 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update information. The text itself ...
Fedora 21 : cpio-2.11-33.fc21 (2014-16168)
Security fix for CVE-2014-9112 1167573 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL...
openSUSE Security Update : cpio (openSUSE-SU-2014:1643-1)
This cpio update fixes the following secuirty issue : - fix an OOB write with cpio -i bnc907456 CVE-2014-9112 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2014-771. The text...
Mandriva Linux Security Advisory : cpio (MDVSA-2014:250)
Updated cpio package fixes security vulnerability : Heap-based buffer overflow in the processcopyin function in GNU Cpio 2.11 allows remote attackers to cause a denial of service via a large block value in a cpio archive CVE-2014-9112. Additionally, a NULL pointer dereference in the copyinlink...
CVE-2014-9112
Heap-based buffer overflow in the processcopyin function in GNU Cpio 2.11 allows remote attackers to cause a denial of service via a large block value in a cpio archive...
CVE-2014-9112
CVE-2014-9112 affects GNU cpio (2.11) via a heap-based buffer overflow in process_copy_in triggered by crafted archives. IBM notes potential remote code execution or elevated-privilege crash on PowerKVM systems; Debian/Red Hat/Fedora advisories confirm fixes in respective package updates (e.g., D...