38 matches found
EUVD-2015-1704
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2015-0247
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heap-based buffer overflow in openfs.c in the libext2fs library in e2fsprogs before 1.42.12 allows local users to execute arbitrary code via crafted block group...
RHEL 7 : e4fsprogs (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - e2fsprogs: potential buffer overflow in closefs incomplete CVE-2015-0247 fix CVE-2015-1572 - Heap-based...
RHEL 6 : e4fsprogs (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - e2fsprogs: potential buffer overflow in closefs incomplete CVE-2015-0247 fix CVE-2015-1572 - Heap-based...
RHEL 5 : e4fsprogs (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - e2fsprogs: potential buffer overflow in closefs incomplete CVE-2015-0247 fix CVE-2015-1572 - Heap-based...
SUSE: Security Advisory (SUSE-SU-2015:1364-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2015:1103-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2015:1341-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for e2fsprogs (EulerOS-SA-2016-1038)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLED11 / SLES11 Security Update : e2fsprogs (SUSE-SU-2015:1103-1)
This update provides the following security-fixes for e2fsprogs : libext2fs: fix potential buffer overflow in closefs bsc918346, CVE-2015-1572 libext2fs: avoid buffer overflow if sfirstmetabg is too big bsc915402, CVE-2015-0247 Note that Tenable Network Security has extracted the preceding...
Amazon Linux AMI : e2fsprogs (ALAS-2015-542)
A heap-based buffer overflow flaw was found in e2fsprogs. A specially crafted Ext2/3/4 file system could cause an application using the ext2fs library for example, fsck to crash or, possibly, execute arbitrary code. C Tenable Network Security, Inc. The descriptive text and package checks in this...
Low: e2fsprogs
Issue Overview: A heap-based buffer overflow flaw was found in e2fsprogs. A specially crafted Ext2/3/4 file system could cause an application using the ext2fs library for example, fsck to crash or, possibly, execute arbitrary code. Affected Packages: e2fsprogs Issue Correction: Run yum update...
openSUSE Security Update : e2fsprogs (openSUSE-2015-400)
e2fsprogs was updated to fix two security issues. The following vulnerabilities were fixed : - CVE-2015-1572: A local user could have executed arbitrary code by causing a crafted block group descriptor to be marked as dirty. Completes fix for CVE-2015-0247. boo918346 - CVE-2015-0247: A local user...
Mandriva Linux Security Advisory : e2fsprogs (MDVSA-2015:067)
Updated e2fsprogs packages fix security vulnerabilities : The libext2fs library, part of e2fsprogs and utilized by its utilities, is affected by a boundary check error on block group descriptor information, leading to a heap based buffer overflow. A specially crafted filesystem image can be used ...
Fedora 20 : e2fsprogs-1.42.12-3.fc20 (2015-2516)
Fix potential buffer overflow in closefs 1193947, CVE-2015-1572 - Fix dumpe2fs segfault with no arguments 1194063 - Don't require fsck prior to resize2fs -P 1170803 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable...
Fedora Update for e2fsprogs FEDORA-2015-2516
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for e2fsprogs FEDORA-2015-2511
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-2507-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Heap overflow
Heap-based buffer overflow in closefs.c in the libext2fs library in e2fsprogs before 1.42.12 allows local users to execute arbitrary code by causing a crafted block group descriptor to be marked as dirty. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-0247...
Ubuntu 14.04 LTS : e2fsprogs vulnerabilities (USN-2507-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2507-1 advisory. Jose Duart discovered that e2fsprogs incorrectly handled invalid block group descriptor data. A local attacker could use this issue with a crafted...