8510 matches found
UBUNTU-CVE-2018-14661
It was found that usage of snprintf function in feature/locks translator of glusterfs server 3.8.4, as shipped with Red Hat Gluster Storage, was vulnerable to a format string attack. A remote, authenticated attacker could use this flaw to cause remote denial of service...
DEBIAN-CVE-2018-14661
It was found that usage of snprintf function in feature/locks translator of glusterfs server 3.8.4, as shipped with Red Hat Gluster Storage, was vulnerable to a format string attack. A remote, authenticated attacker could use this flaw to cause remote denial of service...
CVE-2018-14661
It was found that usage of snprintf function in feature/locks translator of glusterfs server 3.8.4, as shipped with Red Hat Gluster Storage, was vulnerable to a format string attack. A remote, authenticated attacker could use this flaw to cause remote denial of service...
CVE-2018-14661
Technical details for CVE-2018-14661 are not provided in the connected documents. Public information in the initial entry confirms a format-string vulnerability in GlusterFS, but no affected versions, exploit details, or fixes are included here. Monitor for updates.
CVE-2018-14661
It was found that usage of snprintf function in feature/locks translator of glusterfs server 3.8.4, as shipped with Red Hat Gluster Storage, was vulnerable to a format string attack. A remote, authenticated attacker could use this flaw to cause remote denial of service...
glusterfs: features/locks translator passes an user-controlled string to snprintf without a proper format string resulting in a denial of service
It was found that usage of snprintf function in feature/locks translator of glusterfs server was vulnerable to a format string attack. A remote, authenticated attacker could use this flaw to cause remote denial of service...
glusterfs: features/locks translator passes an user-controlled string to snprintf without a proper format string resulting in a denial of service
It was found that usage of snprintf function in feature/locks translator of glusterfs server was vulnerable to a format string attack. A remote, authenticated attacker could use this flaw to cause remote denial of service...
Security update for jhead (moderate)
This update for jhead fixes the following issues: Security issues fixed: - CVE-2018-17088: The ProcessGpsInfo function may have allowed a remote attacker to cause a denial-of-service attack or unspecified other impact via a malicious JPEG file, because there is an integer overflow during a check...
openSUSE: Security Advisory for udisks2 (openSUSE-SU-2018:3372-1)
The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Security update for udisks2 (moderate)
This update for udisks2 fixes the following issues: Following security issues was fixed: - CVE-2018-17336: A format string vulnerability in udiskslog bsc1109406 Following non-security issues were fixed: - strip trailing newline from sysfs raid level information bsc1091274 - Fix watcher error for...
SUSE-SU-2018:3278-1 Security update for udisks2
This update for udisks2 fixes the following issues: Following security issues was fixed: - CVE-2018-17336: A format string vulnerability in udiskslog bsc1109406 Following non-security issues were fixed: - strip trailing newline from sysfs raid level information bsc1091274 - Fix watcher error for...
PT-2018-2608 · Red Hat +1 · Glusterfs +1
Name of the Vulnerable Software and Affected Versions: glusterfs version 3.8.4 Description: The issue is related to the usage of the snprintf function in the feature/locks translator of the glusterfs server, which is vulnerable to a format string attack. A remote, authenticated attacker could...
USN-3772-1 udisks2 vulnerability
It was discovered that UDisks incorrectly handled format strings when logging. A local attacker could possibly use this issue to cause a denial of service or obtain sensitive information...
udisks format string vulnerability
udisks formerly known as DeviceKit-disks is a system service on Linux systems that is primarily used to enumerate devices and provide device-related information. A format string vulnerability exists in the 'udiskslog' function of the udiskslogging.c file in udisks version 2.8.0, which can be...
CVE-2018-17336
An uncontrolled format string vulnerability has been discovered in udisks when it mounts a filesystem with a malformed label. A local attacker may use this flaw to leak memory, make the udisks service crash, or cause other unspecified effects...
udisks2 2.8.0 - Denial of Service Vulnerability
Exploit for linux platform in category dos / poc Exploit: udisks2 2.8.0 - Denial of Service PoC Author: oxagast Vendor Homepage: http://storaged.org/ Software Link: https://github.com/storaged-project/udisks Version: =udisks2 2.8.0 Tested on: Ubuntu x64 / / / \ / / / O / / \ \ /\//\//...
udisks2 2.8.0 Denial Of Service
Exploit: udisks2 2.8.0 - Denial of Service PoC Author: oxagast Date: 2018-09-22 Vendor Homepage: http://storaged.org/ Software Link: https://github.com/storaged-project/udisks Version: =udisks2 2.8.0 Tested on: Ubuntu x64 / / / \ / / / O / / \ \ /\//\// ========The vulnerable section of code...
udisks2 2.8.0 - Denial of Service (PoC)
Exploit: udisks2 2.8.0 - Denial of Service PoC Author: oxagast Date: 2018-09-22 Vendor Homepage: http://storaged.org/ Software Link: https://github.com/storaged-project/udisks Version: =udisks2 2.8.0 Tested on: Ubuntu x64 / / / \ / / / O / / \ \ /\//\// ========The vulnerable section of code...
Format string
UDisks 2.8.0 has a format string vulnerability in udiskslog in udiskslogging.c, allowing attackers to obtain sensitive information stack contents, cause a denial of service memory corruption, or possibly have unspecified other impact via a malformed filesystem label, as demonstrated by %d or %n...
CVE-2018-17336
UDisks 2.8.0 has a format string vulnerability in udiskslog in udiskslogging.c, allowing attackers to obtain sensitive information stack contents, cause a denial of service memory corruption, or possibly have unspecified other impact via a malformed filesystem label, as demonstrated by %d or %n...