171 matches found
Debian DSA-2976-1 : eglibc - security update
Stephane Chazelas discovered that the GNU C library, glibc, processed '..' path segments in locale-related environment variables, possibly allowing attackers to circumvent intended restrictions, such as ForceCommand in OpenSSH, assuming that they can supply crafted locale settings. %NASLMINLEVEL...
Debian Security Advisory DSA 2976-1 (eglibc - security update)
Stephane Chazelas discovered that the GNU C library, glibc, processed '..' path segments in locale-related environment variables, possibly allowing attackers to circumvent intended restrictions, such as ForceCommand in OpenSSH, assuming that they can supply crafted locale settings. OpenVAS...
DSA-2976-1 eglibc - security update
Bulletin has no description...
Debian: Security Advisory (DSA-2976-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
glibc and eglibc 2.5, 2.7, 2.13 - Buffer Overflow Vulnerability
No description provided by source. / Exploit-DB Note: Reportedly does not work. See output at the bottom of the entry. $FILE: bug-mangle.c Comment: Proof of concept $VERSION$ Author: Hector Marco [email protected] Ismael Ripoll [email protected] $LICENSE: This program is free software; you can...
eGlibc Signedness Code Execution Vulnerability
No description provided by source. Exploit Title: eGlibc Signedness Vulnerability Date: November 2011 Exploit Author: c0ntex Vendor Homepage: http://www.eglibc.org Software Link: http://www.eglibc.org/home Version: eGlibc supplied by Ubuntu 10.4 LTS Tested on: Ubuntu 10.4 LTS CVE : CVE-2011-2702 ...
Ubuntu Update for eglibc USN-1991-1
Check for the Version of eglibc OpenVAS Vulnerability Test $Id: gbubuntuUSN19911.nasl 7958 2017-12-01 06:47:47Z santu $ Ubuntu Update for eglibc USN-1991-1 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software;...
Ubuntu: Security Advisory (USN-1991-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 10.04 LTS / 12.04 LTS / 12.10 / 13.04 : eglibc vulnerabilities (USN-1991-1)
It was discovered that the GNU C Library incorrectly handled the strcoll function. An attacker could use this issue to cause a denial of service, or possibly execute arbitrary code. CVE-2012-4412, CVE-2012-4424 It was discovered that the GNU C Library incorrectly handled multibyte characters in t...
CVE-2013-4788
The PTRMANGLE implementation in the GNU C Library aka glibc or libc6 2.4, 2.17, and earlier, and Embedded GLIBC EGLIBC does not initialize the random value for the pointer guard, which makes it easier for context-dependent attackers to control execution flow by leveraging a buffer-overflow...
CVE-2013-4788
CVE-2013-4788 affects glibc (GNU C Library) up to version 2.4/2.17 and EGLIBC; PTR_MANGLE does not initialize the random value for the pointer guard, enabling context-dependent attackers to influence control flow via a buffer-overflow in an application. Affected components: PTR_MANGLE implementat...
glibc and eglibc 2.5, 2.7, 2.13 - Buffer Overflow Vulnerability
Exploit for linux platform in category local exploits / $FILE: bug-mangle.c Comment: Proof of concept $VERSION$ Author: Hector Marco Ismael Ripoll $LICENSE: This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by th...
glibc and eglibc 2.52.72.13 - Local Buffer Overflow
glibc and eglibc 2.52.72.13 - Local Buffer Overflow / Exploit-DB Note: Reportedly does not work. See output at the bottom of the entry. $FILE: bug-mangle.c Comment: Proof of concept $VERSION$ Author: Hector Marco Ismael Ripoll $LICENSE: This program is free software; you can redistribute it and/o...
glibc and eglibc 2.5/2.7/2.13 - Local Buffer Overflow
/ Exploit-DB Note: Reportedly does not work. See output at the bottom of the entry. $FILE: bug-mangle.c Comment: Proof of concept $VERSION$ Author: Hector Marco Ismael Ripoll $LICENSE: This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Publi...
CVE-2013-4357
The eglibc package before 2.14 incorrectly handled the getaddrinfo function. An attacker could use this issue to cause a denial of service...
Ubuntu Update for eglibc USN-1589-1
Ubuntu Update for Linux kernel vulnerabilities USN-1589-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN15891.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for eglibc USN-1589-1 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This...
Ubuntu: Security Advisory (USN-1589-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-1589-1: GNU C Library vulnerabilities
It was discovered that positional arguments to the printf family of functions were not handled properly in the GNU C Library. An attacker could possibly use this to cause a stack-based buffer overflow, creating a denial of service or possibly execute arbitrary code. CVE-2012-3404, CVE-2012-3405,...
Ubuntu 8.04 LTS / 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : eglibc, glibc vulnerabilities (USN-1589-1)
It was discovered that positional arguments to the printf family of functions were not handled properly in the GNU C Library. An attacker could possibly use this to cause a stack-based buffer overflow, creating a denial of service or possibly execute arbitrary code. CVE-2012-3404, CVE-2012-3405,...
eGlibc - Signedness Code Execution
eGlibc - Signedness Code Execution Exploit Title: eGlibc Signedness Vulnerability Date: November 2011 Exploit Author: c0ntex Vendor Homepage: http://www.eglibc.org Software Link: http://www.eglibc.org/home Version: eGlibc supplied by Ubuntu 10.4 LTS Tested on: Ubuntu 10.4 LTS CVE : CVE-2011-2702 ...