19 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-12132
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The DNS stub resolver in the GNU C Library aka glibc or libc6 before version 2.26, when EDNS support is enabled, will solicit large UDP responses from name...
Security Bulletin: IBM Flex System Chassis Management Module (CMM) is affected by vulnerabilties in GNU C Library
Summary IBM Flex System Chassis Management Module CMM has addressed the following vulnerabilities in GNU C Library. Vulnerability Details CVEID: CVE-2018-6551 DESCRIPTION: GNU glibc could allow a remote attacker to execute arbitrary code on the system, caused by an integer overflow in the malloc...
Ubuntu: Security Advisory (USN-5768-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2017-0464)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2018:0565-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2018:2187-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2018:0451-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2018:2185-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2019-2030)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP2 : glibc (EulerOS-SA-2019-1844)
According to the versions of the glibc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Stack-based buffer overflow in the glob implementation in GNU C Library aka glibc before 2.24, when GLOBALTDIRFUNC is used, allows...
Security Bulletin: IBM MQ Appliance is affected by glibc vulnerabilities
Summary IBM MQ Appliance has addressed the following glibc vulnerabilities. Vulnerability Details CVEID: CVE-2017-15804 DESCRIPTION: GNU C Library aka glibc or libc6 is vulnerable to a buffer overflow, caused by improper bounds checking by glob function in glob.c. By using a specially-crafted fil...
SUSE SLES12 Security Update : glibc (SUSE-SU-2018:2187-1)
This update for glibc fixes the following issues: Security issues fixed : - CVE-2017-15804: Fix buffer overflow during unescaping of user names in the glob function in glob.c bsc1064580. - CVE-2017-15670: Fix buffer overflow in glob with GLOBTILDE bsc1064583. - CVE-2017-15671: Fix memory leak in...
Scientific Linux Security Update : glibc on SL7.x x86_64 (20180410)
Security Fixes : - glibc: realpath buffer underflow when getcwd returns relative path allows privilege escalation CVE-2018-1000001 - glibc: Buffer overflow in glob with GLOBTILDE CVE-2017-15670 - glibc: Buffer overflow during unescaping of user names with the operator CVE-2017-15804 - glibc: deni...
Moderate: Red Hat Security Advisory: glibc security, bug fix, and enhancement update
An update for glibc is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
SUSE SLES11 Security Update : glibc (SUSE-SU-2018:0565-1)
This update for glibc fixes the following issues: Security issues : - CVE-2017-8804: Fix memory leak after deserialization failure in xdrbytes, xdrstring bsc1037930 - CVE-2017-12132: Reduce EDNS payload size to 1200 bytes bsc1051791 - CVE-2018-6485,CVE-2018-6551: Fix integer overflows in internal...
openSUSE: Security Advisory for glibc (openSUSE-SU-2018:0494-1)
The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SUSE SLED12 / SLES12 Security Update : glibc (SUSE-SU-2018:0451-1)
This update for glibc fixes the following issues: Security issues fixed : - CVE-2017-8804: Fix memory leak after deserialization failure in xdrbytes, xdrstring bsc1037930 - CVE-2017-12132: Reduce EDNS payload size to 1200 bytes bsc1051791 - CVE-2018-6485,CVE-2018-6551: Fix integer overflows in...
CVE-2017-12132
The DNS stub resolver in the GNU C Library aka glibc or libc6 before version 2.26, when EDNS support is enabled, will solicit large UDP responses from name servers, potentially simplifying off-path DNS spoofing attacks due to IP fragmentation...
CVE-2017-12132
Summary : CVE-2017-12132 affects the GNU C Library (glibc) DNS stub resolver, enabling off-path DNS spoofing attacks by eliciting large UDP responses when EDNS is enabled. IBM and related advisories reference this GLIBC flaw and tie it to affected IBM hardware/software bundles. What is affected (...