Lucene search
K

64 matches found

packetstormnews
packetstormnews
added 2026/02/11 12:0 a.m.6 views

glibc 2.38 Buffer Overflow

This is a local privilege escalation exploit for CVE-2023-4911, also known as "Looney Tunables", caused by a buffer overflow in the glibc dynamic loader's environment variable parsing logic. The vulnerability is triggered by crafting a maliciously long GLIBCTUNABLES string which corrupts internal...

9.8CVSS6.5AI score0.81422EPSS
Exploits29
exploitdb
exploitdb
added 2026/02/11 12:0 a.m.185 views

glibc 2.38 - Buffer Overflow

Exploit Title: glibc 2.38 - Buffer Overflow Google Dork: N/A Date: 2025-10-08 Exploit Author: Beatriz Fresno Naumova Vendor Homepage: https://www.gnu.org/software/libc/ Software Link: https://ftp.gnu.org/gnu/libc/glibc-2.35.tar.gz Version: glibc 2.35 specifically 2.35-0ubuntu3.3 on Ubuntu 22.04.3...

7.8CVSS5.4AI score0.81422EPSS
Exploits28
nessus
nessus
added 2026/01/20 12:0 a.m.5 views

MiracleLinux 9 : glibc-2.34-60.el9.7 (AXSA:2023-6486:05)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6486:05 advisory. glibc: buffer overflow in ld.so leading to privilege escalation CVE-2023-4911 glibc: Stack read overflow in getaddrinfo in no-aaaa mode CVE-2023-452...

7.8CVSS7.2AI score0.81422EPSS
Exploits29References5
nessus
nessus
added 2025/06/17 12:0 a.m.12 views

Oracle Linux 8 : glibc (ELSA-2025-20375)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-20375 advisory. - CVE-2025-4802: static setuid dlopen may search LDLIBRARYPATH RHEL-92685 - CVE-2025-0395: Fix a buffer overflow in assert RHEL-83306 - CVE-2024-33599: nscd:...

8.1CVSS7.4AI score0.8833EPSS
Exploits46References2
nessus
nessus
added 2025/06/16 12:0 a.m.12 views

TencentOS Server 4: glibc (TSSA-2024:0038)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0038 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

7.8CVSS7.4AI score0.81422EPSS
Exploits29References5
nessus
nessus
added 2025/06/16 12:0 a.m.12 views

TencentOS Server 3: glibc (TSSA-2023:0245)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2023:0245 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

7.8CVSS7.4AI score0.81422EPSS
Exploits29References5
ibm
ibm
added 2025/04/15 2:36 a.m.34 views

Security Bulletin: Execution Engine for Apache Hadoop is vulnerable to denial of service, buffer overflow and allow a local authenticated attacker to gain elevated privileges

Summary glibc, gnutls, gnupg are used by Execution Engine for Apache Hadoop in all the components. CVE-2023-0687, CVE-2023-4911, CVE-2021-3998, CVE-2023-5156, CVE-2023-4527, CVE-2023-4813, CVE-2022-3515, CVE-2024-28835, CVE-2024-28834 Vulnerability Details CVEID:CVE-2023-0687 DESCRIPTION: GNU C...

9.8CVSS9.6AI score0.81422EPSS
Exploits30Affected Software1
githubexploit
githubexploit
added 2025/03/17 11:9 a.m.238 views

Exploit for Heap-based Buffer Overflow in Gnu Glibc

CVE-2023-4911 This is a PoC Proof Of Concept for the Looney...

7.8CVSS7AI score0.81422EPSS
Exploits28
openvas
openvas
added 2025/02/25 12:0 a.m.39 views

Western Digital My Cloud Multiple Products 5.x < 5.30.103 Multiple Vulnerabilities (WDC-25001)

Multiple Western Digital My Cloud products are prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS6.8AI score0.81422EPSS
Exploits34References8
nessus
nessus
added 2025/02/10 12:0 a.m.14 views

Azure Linux 3.0 Security Update: glibc (CVE-2023-4911)

The version of glibc installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-4911 advisory. - A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBCTUNABLE...

7.8CVSS7.4AI score0.81422EPSS
Exploits28References2
ibm
ibm
added 2024/08/05 8:8 p.m.39 views

Security Bulletin: IBM Storage Ceph is vulnerable to a Heap-based Buffer Overflow in the RHEL UBI (CVE-2023-4911)

Summary RHEL UBI is used by IBM Storage Ceph as the base operating system. This bulletin identifies the steps to take to address the vulnerability in the RHEL UBI. CVE-2023-4911 Vulnerability Details CVEID:CVE-2023-4911 DESCRIPTION: glibc could allow a local authenticated attacker to gain elevate...

7.8CVSS8.1AI score0.81422EPSS
Exploits28Affected Software1
cbl_mariner
cbl_mariner
added 2024/07/02 11:30 p.m.27 views

CVE-2023-4911 affecting package glibc for versions less than 2.38-6

CVE-2023-4911 affecting package glibc for versions less than 2.38-6. A patched version of the package is available...

7.8CVSS7.5AI score0.81422EPSS
Exploits28
nessus
nessus
added 2024/03/21 12:0 a.m.54 views

EulerOS Virtualization 2.11.0 : glibc (EulerOS-SA-2024-1426)

According to the versions of the glibc packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulti...

7.8CVSS7.3AI score0.81422EPSS
Exploits28References5
nessus
nessus
added 2024/02/29 12:0 a.m.125 views

CentOS 9 : glibc-2.34-83.el9.7

The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the glibc-2.34-83.el9.7 build changelog. - potential use-after-free in getaddrinfo RHEL-2426 CVE-2023-4806 - buffer overflow in ld.so leading to privilege escalation RHEL-3000...

7.8CVSS7.3AI score0.81422EPSS
Exploits28References3
nessus
nessus
added 2024/01/16 12:0 a.m.34 views

EulerOS 2.0 SP11 : glibc (EulerOS-SA-2023-3269)

According to the versions of the glibc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an...

7.8CVSS7.3AI score0.81422EPSS
Exploits28References5
githubexploit
githubexploit
added 2023/12/23 11:54 a.m.399 views

Exploit for Heap-based Buffer Overflow in Gnu Glibc

CVE-2023-4911 - Looney Tunables This is a atm very rough pr...

7.8CVSS7.1AI score0.81422EPSS
Exploits28
rapid7blog
rapid7blog
added 2023/12/22 4:32 p.m.121 views

Metasploit Weekly Wrap-Up

Getting Looney with Privilege Escalation As if Metasploit couldn’t get any loonier, this release adds a brand new exploit module for Glibc Tunables Privilege Escalation aka Looney Tunables. Now, using linux/local/glibctunablesprivesc, you can check your target’s glibc version to see if it’s...

7.5CVSS8.8AI score0.99999EPSS
Exploits46
packetstorm
packetstorm
added 2023/12/21 12:0 a.m.803 views

Glibc Tunables Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 561, '3602eac894717d56555552c84fc6b0e4d6a4af72' = 561, 'a99db3715218b641780b04323e4ae5953d68a927' = 561, 'a8daca28288575ffc8c7641d40901b0148958fb1...

7.8CVSS7.4AI score0.81422EPSS
Exploits28
zdt
zdt
added 2023/12/21 12:0 a.m.467 views

Glibc Tunables Privilege Escalation Exploit

A buffer overflow exists in the GNU C Library's dynamic loader ld.so while processing the GLIBCTUNABLES environment variable. It has been dubbed Looney Tunables. This issue allows an local attacker to use maliciously crafted GLIBCTUNABLES when launching binaries with SUID permission to execute co...

7.8CVSS8.3AI score0.81422EPSS
Exploits28
metasploit
metasploit
added 2023/12/20 7:49 p.m.546 views

Glibc Tunables Privilege Escalation CVE-2023-4911 (aka Looney Tunables)

A buffer overflow exists in the GNU C Library's dynamic loader ld.so while processing the GLIBCTUNABLES environment variable. This issue allows an local attacker to use maliciously crafted GLIBCTUNABLES when launching binaries with SUID permission to execute code in the context of the root user...

7.8CVSS7.2AI score0.81422EPSS
Exploits28
Rows per page
Query Builder