811 matches found
USN-2482-1: elfutils vulnerability
Alexander Cherepanov discovered that libelf1 incorrectly handled certain filesystem paths while extracting ar archives. An attacker could use this flaw to perform a directory traversal attack on the root directory if the process extracting the ar archive has write access to the root directory...
Ubuntu: Security Advisory (USN-2482-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 14.04 LTS : elfutils vulnerability (USN-2482-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-2482-1 advisory. Alexander Cherepanov discovered that libelf1 incorrectly handled certain filesystem paths while extracting ar archives. An attacker could use this flaw to perform...
Fedora Update for elfutils FEDORA-2015-0677
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 20 : elfutils-0.161-2.fc20 (2015-0677)
Update to elfutils 0.161. Security fix for CVE-2014-9447. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...
[SECURITY] Fedora 20 Update: elfutils-0.161-2.fc20
Elfutils is a collection of utilities, including stack to show backtraces, nm for listing symbols from object files, size for listing the section sizes of an object or archive file, strip for discarding symbols, readelf to see the raw ELF file structures, and elflint to check for well-formed ELF...
MGASA-2015-0033 Updated elfutils packages fix CVE-2014-9447
Updated elfutils packages fix security vulnerability: Directory traversal vulnerability in the readlongnames function in libelf/elfbegin.c in elfutils allows remote attackers to write to arbitrary files to the root directory via a / slash in a crafted archive, as demonstrated using the ar program...
Updated elfutils packages fix CVE-2014-9447
Updated elfutils packages fix security vulnerability: Directory traversal vulnerability in the readlongnames function in libelf/elfbegin.c in elfutils allows remote attackers to write to arbitrary files to the root directory via a / slash in a crafted archive, as demonstrated using the ar program...
Fedora 21 : elfutils-0.161-2.fc21 (2015-0692)
Update to elfutils 0.161. Security fix for CVE-2014-9447. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...
[SECURITY] Fedora 21 Update: elfutils-0.161-2.fc21
Elfutils is a collection of utilities, including stack to show backtraces, nm for listing symbols from object files, size for listing the section sizes of an object or archive file, strip for discarding symbols, readelf to see the raw ELF file structures, and elflint to check for well-formed ELF...
Fedora Update for elfutils FEDORA-2015-0692
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
DEBIAN-CVE-2014-9447
Directory traversal vulnerability in the readlongnames function in libelf/elfbegin.c in elfutils 0.152 and 0.161 allows remote attackers to write to arbitrary files to the root directory via a / slash in a crafted archive, as demonstrated using the ar program...
CVE-2014-9447
Directory traversal vulnerability in the readlongnames function in libelf/elfbegin.c in elfutils 0.152 and 0.161 allows remote attackers to write to arbitrary files to the root directory via a / slash in a crafted archive, as demonstrated using the ar program...
Directory traversal
Directory traversal vulnerability in the readlongnames function in libelf/elfbegin.c in elfutils 0.152 and 0.161 allows remote attackers to write to arbitrary files to the root directory via a / slash in a crafted archive, as demonstrated using the ar program...
CVE-2014-9447
ELF utilities (elfutils) vulnerable in versions 0.152 and 0.161 due to a directory traversal in libelf/elf_begin.cread_long_names that lets remote attackers write to arbitrary files in the root directory via a crafted archive (ar). Impact is ability to modify files on the root; remediation is upd...
UBUNTU-CVE-2014-9447
Directory traversal vulnerability in the readlongnames function in libelf/elfbegin.c in elfutils 0.152 and 0.161 allows remote attackers to write to arbitrary files to the root directory via a / slash in a crafted archive, as demonstrated using the ar program...
CVE-2014-9447
Directory traversal vulnerability in the readlongnames function in libelf/elfbegin.c in elfutils 0.152 and 0.161 allows remote attackers to write to arbitrary files to the root directory via a / slash in a crafted archive, as demonstrated using the ar program...
elfutils '/libelf/elf_begin.c' directory traversal vulnerability
Elfutils contains a series of tools for creating, modifying, and analyzing binary files. The elfutils '/libelf/elfbegin.c' suffers from a directory traversal vulnerability because it fails to adequately filter user-supplied input. A remote attacker could use a specially crafted request with a...
Amazon Linux AMI : elfutils (ALAS-2014-345)
Integer overflow in the checksection function in dwarfbeginelf.c in the libdw library, as used in elfutils 0.153 and possibly through 0.158 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a malformed compressed debug section in an ELF...
openSUSE Security Update : elfutils (openSUSE-SU-2014:0974-1)
Fix integer overflow in checksection CVE-2014-0172, bnc872785 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2014-491. The text description of this plugin is C SUSE LLC...