27 matches found
K16366: GNU C Library (glibc) vulnerability CVE-2015-1472
Security Advisory Description stdio-common/vfscanf.c has an ADDW macro that tries to determine whether to use malloc or alloca for allocations. But in the malloc case, it only allocates newsize bytes instead of the required newsize sizeof CHART. Thus the allocated buffer gets overrun in the...
Mageia: Security Advisory (MGASA-2015-0072)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: Vulnerabilities in GNU C Library Affect Power Hardware Management Console (CVE-2013-7423, CVE-2014-7817, CVE-2014-9402, CVE-2015-1472)
Summary GNU C Library is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2013-7423 DESCRIPTION:The senddg function in resolv/ressend.c in GNU C Library aka glibc or libc6 before 2.20 does not properly reuse file descriptors,...
SUSE: Security Advisory (SUSE-SU-2015:0551-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2015:0439-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2019-1552)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: Multiple vulnerabilities in GNU C Library (glibc), OpenSSL and NTP affect IBM Flex System Chassis Management Module (CMM)
Summary Vulnerabilities in GNU C Library glibc, OpenSSL and NTP affect IBM Flex System Chassis Management Module. IBM Flex System Chassis Management Module has addressed the CVEs listed below. Vulnerability Details Summary Vulnerabilities in GNU C Library glibc, OpenSSL and NTP affect IBM Flex...
Security Bulletin: IBM BladeCenter Advanced Management Module is affected by glibc vulnerabilities (CVE-2015-1472, CVE-2013-7423, CVE-2014-7817, and CVE-2014-9402)
Summary Security vulnerabilities in glibc affect IBM BladeCenter Advanced Management Module AMM. Vulnerability Details Summary Security vulnerabilities in glibc affect IBM BladeCenter Advanced Management Module AMM. Vulnerability Details: CVE-ID: CVE-2013-7423 Description: GNU glibc could allow a...
Scientific Linux Security Update : glibc on SL7.x x86_64 (20151119)
It was discovered that, under certain circumstances, glibc's getaddrinfo function would send DNS queries to random file descriptors. An attacker could potentially use this flaw to send DNS queries to unintended recipients, resulting in information disclosure or data loss due to the application...
Amazon Linux: Security Advisory (ALAS-2015-617)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CentOS 7 : glibc (CESA-2015:2199)
Updated glibc packages that fix multiple security issues, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give...
RedHat Update for glibc RHSA-2015:2199-07
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Moderate: Red Hat Security Advisory: glibc security, bug fix, and enhancement update
Updated glibc packages that fix multiple security issues, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give...
SUSE SLED12 / SLES12 Security Update : glibc (SUSE-SU-2015:0526-1)
glibc has been updated to fix four security issues. These security issues were fixed : - CVE-2014-7817: The wordexp function in GNU C Library aka glibc 2.21 did not enforce the WRDENOCMD flag, which allowed context-dependent attackers to execute arbitrary commands, as demonstrated by input...
CVE-2015-1472
The ADDW macro in stdio-common/vfscanf.c in the GNU C Library aka glibc or libc6 before 2.21 does not properly consider data-type size during memory allocation, which allows context-dependent attackers to cause a denial of service buffer overflow or possibly have unspecified other impact via a lo...
CVE-2015-1472
The ADDW macro in stdio-common/vfscanf.c in the GNU C Library aka glibc or libc6 before 2.21 does not properly consider data-type size during memory allocation, which allows context-dependent attackers to cause a denial of service buffer overflow or possibly have unspecified other impact via a lo...
CVE-2015-1472
CVE-2015-1472 affects the GNU C Library (glibc) prior to 2.21. The ADDW macro in stdio-common/vfscanf.c can miscalculate allocation size, leading to buffer overflows in wide-character handling during wscanf, enabling context-dependent denial of service and potentially other impact. Affected compo...
CVE-2015-1472
The ADDW macro in stdio-common/vfscanf.c in the GNU C Library aka glibc or libc6 before 2.21 does not properly consider data-type size during memory allocation, which allows context-dependent attackers to cause a denial of service buffer overflow or possibly have unspecified other impact via a lo...
SOL16366 - GNU C Library (glibc) vulnerability CVE-2015-1472
Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...
[SECURITY] [DSA 3169-1] eglibc security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ---------------------------------------------------------------------- Debian Security Advisory DSA-3169-1 [email protected] http://www.debian.org/security/ Aurelien Jarno February 23, 2015 http://www.debian.org/security/faq -...