Scientific Linux Security Update : glibc on SL5.x,SL6.x i386/x86_64
The glibc packages contain the standard C libraries used by multiple programs on the system. These packages contain the standard C and the standard math libraries. Without these two libraries, a Linux system cannot function properly. The fix for CVE-2010-3847 introduced a regression in the way th...
Scientific Linux Security Update : glibc on SL4.x i386/x86_64 (20120213)
The glibc packages contain the standard C libraries used by multiple programs on the system. These packages contain the standard C and the standard math libraries. Without these two libraries, a Linux system cannot function properly. An integer overflow flaw, leading to a heap-based buffer...
CentOS Update for glibc CESA-2011:0412 centos5 x86_64
Check for the Version of glibc OpenVAS Vulnerability Test CentOS Update for glibc CESA-2011:0412 centos5 x86_64 Authors: System Generated Check Copyright: Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...
CentOS Update for glibc CESA-2012:0125 centos4
Check for the Version of glibc OpenVAS Vulnerability Test CentOS Update for glibc CESA-2012:0125 centos4 Authors: System Generated Check Copyright: Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
CentOS Update for glibc CESA-2012:0125 centos4
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Ubuntu Update for eglibc USN-1396-1
Ubuntu Update for Linux kernel vulnerabilities USN-1396-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN13961.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for eglibc USN-1396-1 Authors: System Generated Check Copyright: Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net This...
USN-1396-1: GNU C Library vulnerabilities
It was discovered that the GNU C Library did not properly handle integer overflows in the timezone handling code. An attacker could use this to possibly execute arbitrary code by convincing an application to load a maliciously constructed tzfile. (CVE-2009-5029) It was discovered that the GNU C...
glibc, nptl, nscd security update
CentOS Errata and Security Advisory CESA-2012:0125 Updated glibc packages that fix multiple security issues and one bug are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring Syste...
glibc: fnmatch() alloca()-based memory corruption flaw
Integer overflow in posix/fnmatch.c in the GNU C Library (aka glibc or libc6) 2.13 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a long UTF8 string that is used in an fnmatch call with a crafted pattern argument, a different vulnerability than...
glibc: fnmatch() alloca()-based memory corruption flaw
The GNU C Library (aka glibc or libc6) before 2.12.2 and Embedded GLIBC (EGLIBC) allow context-dependent attackers to execute arbitrary code or cause a denial of service (memory consumption) via a long UTF8 string that is used in an fnmatch call, aka a "stack extension attack," a related issue to...
apr: unconstrained recursion in apr_fnmatch
Stack consumption vulnerability in the fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library before 1.4.3 and the Apache HTTP Server before 2.2.18, and in fnmatch.c in libc in NetBSD 5.1, OpenBSD 4.8, FreeBSD, Apple Mac OS X 10.6, Oracle Solaris 10, and Android, allows...
apr: unconstrained recursion in apr_fnmatch
Stack consumption vulnerability in the fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library before 1.4.3 and the Apache HTTP Server before 2.2.18, and in fnmatch.c in libc in NetBSD 5.1, OpenBSD 4.8, FreeBSD, Apple Mac OS X 10.6, Oracle Solaris 10, and Android, allows...
Fedora 13 : apr-1.4.5-1.fc13 (2011-7340)
Move to 1.4.x branch. Various bug fixes since 1.4.2. Security: CVE-2011-0419 Reimplement apr_fnmatch from scratch using a non-recursive algorithm; now has improved compliance with the fnmatch spec. Note: 1.4.3 was never officially released. Fix CVE-2011-1928 introduced in 1.4.4. Note that Tenable...
Fedora 15 : apr-1.4.5-1.fc15 (2011-6750)
Various bug fixes since 1.4.2. Security: CVE-2011-0419 Reimplement apr_fnmatch from scratch using a non-recursive algorithm; now has improved compliance with the fnmatch spec. Note: 1.4.3 was never officially released. Release -2 should fix top_builddir problem from -1. Fix CVE-2011-1928 introduced...
CVE-2011-1928
The CVE-2011-1928 issue affects the APR library’s fnmatch implementation (apr_fnmatch.c) in APR 1.4.3/1.4.4 and Apache HTTP Server 2.2.18, causing an infinite-loop DoS when processing certain URIs due to an incorrect fix for CVE-2011-0419. Connected advisories note the problem is triggered by wil...
DEBIAN-CVE-2011-0419
Stack consumption vulnerability in the fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library before 1.4.3 and the Apache HTTP Server before 2.2.18, and in fnmatch.c in libc in NetBSD 5.1, OpenBSD 4.8, FreeBSD, Apple Mac OS X 10.6, Oracle Solaris 10, and Android, allows...
CVE-2011-0419
Stack consumption vulnerability in the fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library before 1.4.3 and the Apache HTTP Server before 2.2.18, and in fnmatch.c in libc in NetBSD 5.1, OpenBSD 4.8, FreeBSD, Apple Mac OS X 10.6, Oracle Solaris 10, and Android, allows...
CVE-2011-0419
CVE-2011-0419 is a stack consumption/DoS vulnerability in the APR library’s fnmatch implementation (apr_fnmatch.c) and, for some platforms, in libc’s fnmatch.c. It affects APR < 1.4.3 and Apache HTTP Server
apr: unconstrained recursion in apr_fnmatch
Stack consumption vulnerability in the fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library before 1.4.3 and the Apache HTTP Server before 2.2.18, and in fnmatch.c in libc in NetBSD 5.1, OpenBSD 4.8, FreeBSD, Apple Mac OS X 10.6, Oracle Solaris 10, and Android, allows...
PHP 5.2.x < 5.2.14, 5.3.x < 5.3.3 fnmatch function denial-of-service vulnerability
No description provided by source...