Lucene search
+L

43 matches found

Tenable Nessus
Tenable Nessus
added 2015/03/10 12:0 a.m.53 views

Oracle Linux 7 : glibc (ELSA-2015-0327)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-0327 advisory. - Fix parsing of numeric hosts in gethostbynamer CVE-2015-0235, 1183545. - Prevent NSS-based file backend from entering infinite loop when different AP...

10CVSS7.6AI score0.94859EPSS
Exploits35References3
Tenable Nessus
Tenable Nessus
added 2015/02/11 12:0 a.m.18 views

SuSE 11.3 Security Update : glibc (SAT Patch Number 10259)

glibc has been updated to fix security issues and bugs : - Fix crashes on invalid input in IBM gconv modules. CVE-2014-6040 / CVE-2012-6656, bsc894553, bsc894556, GLIBC BZ 17325, GLIBC BZ 14134 - Avoid infinite loop in nssdns getnetbyname. CVE-2014-9402 - Don't touch user-controlled stdio locks i...

7.8CVSS7.6AI score0.07834EPSS
Exploits5References12
Tenable Nessus
Tenable Nessus
added 2015/01/08 12:0 a.m.29 views

Oracle Linux 6 : glibc (ELSA-2015-0016)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-0016 advisory. - Fix crashes on invalid input in IBM gconv modules CVE-2014-6040, 1139571. Tenable has extracted the preceding description block directly from the...

5CVSS8.2AI score0.06564EPSS
Exploits1References3
Oracle linux
Oracle linux
added 2015/01/07 12:0 a.m.47 views

glibc security and bug fix update

2.12-1.149.4 - Fix recursive dlopen 1173469. 2.12-1.149.3 - Fix typo in ressend and resquery rh1172023. 2.12-1.149.2 - Fix crashes on invalid input in IBM gconv modules CVE-2014-6040, 1139571. 2.12-1.149.1 - Fix wordexp to honour WRDENOCMD CVE-2014-7817, 1170121...

5CVSS0.8AI score0.06564EPSS
Exploits1
Debian
Debian
added 2014/11/29 6:51 p.m.72 views

[SECURITY] [DLA 97-1] eglibc security update

Package : eglibc Version : 2.11.3-4+deb6u2 CVE ID : CVE-2012-6656 CVE-2014-6040 CVE-2014-7817 CVE-2012-6656 Fix validation check when converting from ibm930 to utf. When converting IBM930 code with iconv, if IBM930 code which includes invalid multibyte character "0xffff" is specified, then iconv...

5CVSS8AI score0.06564EPSS
Exploits2
OSV
OSV
added 2014/11/29 12:0 a.m.34 views

DLA-97-1 eglibc - security update

Bulletin has no description...

5CVSS6.5AI score0.06564EPSS
Exploits2
Oracle linux
Oracle linux
added 2014/10/15 12:0 a.m.60 views

glibc security, bug fix, and enhancement update

2.12-1.149 - Remove gconv transliteration loadable modules support CVE-2014-5119, - nlfindlocale: Improve handling of crafted locale names CVE-2014-0475, 2.12-1.148 - Switch gettimeofday from INTUSE to libchiddenproto 1099025. 2.12-1.147 - Fix stack overflow due to large AFINET6 requests...

7.5CVSS0.18099EPSS
Exploits5
OpenVAS
OpenVAS
added 2014/09/12 12:0 a.m.38 views

openSUSE: Security Advisory for glibc (openSUSE-SU-2014:1115-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8.4AI score0.18099EPSS
Exploits5References1
RedHat Linux
RedHat Linux
added 2014/09/02 6:9 p.m.8 views

glibc: off-by-one error leading to a heap-based buffer overflow flaw in __gconv_translit_find()

An off-by-one heap-based buffer overflow flaw was found in glibc's internal gconvtranslitfind function. An attacker able to make an application call the iconvopen function with a specially crafted argument could possibly use this flaw to execute arbitrary code with the privileges of that...

7.5CVSS7.9AI score0.18099EPSS
Exploits4References4
Debian
Debian
added 2014/09/02 6:3 p.m.56 views

[DLA 43-1] eglibc security update

Package : eglibc Version : 2.11.3-4+deb6u1 CVE ID : CVE-2014-0475 CVE-2014-5119 CVE-2014-0475 Stephane Chazelas discovered that the GNU C library, glibc, processed ".." path segments in locale-related environment variables, possibly allowing attackers to circumvent intended restrictions, such as...

7.5CVSS8AI score0.18099EPSS
Exploits4
OSV
OSV
added 2014/09/02 12:0 a.m.29 views

DLA-43-1 eglibc - security update

Bulletin has no description...

7.5CVSS7.7AI score0.18099EPSS
Exploits4
RedHat Linux
RedHat Linux
added 2014/08/29 9:40 p.m.5 views

glibc: off-by-one error leading to a heap-based buffer overflow flaw in __gconv_translit_find()

An off-by-one heap-based buffer overflow flaw was found in glibc's internal gconvtranslitfind function. An attacker able to make an application call the iconvopen function with a specially crafted argument could possibly use this flaw to execute arbitrary code with the privileges of that...

7.5CVSS7.9AI score0.18099EPSS
Exploits4References4
Cvelist
Cvelist
added 2014/08/29 5:0 p.m.26 views

CVE-2014-5119

Off-by-one error in the gconvtranslitfind function in gconvtrans.c in GNU C Library aka glibc allows context-dependent attackers to cause a denial of service crash or execute arbitrary code via vectors related to the CHARSET environment variable and gconv transliteration modules...

8.1AI score0.18099EPSS
Exploits4References22
Debian CVE
Debian CVE
added 2014/08/29 5:0 p.m.46 views

CVE-2014-5119

Off-by-one error in the gconvtranslitfind function in gconvtrans.c in GNU C Library aka glibc allows context-dependent attackers to cause a denial of service crash or execute arbitrary code via vectors related to the CHARSET environment variable and gconv transliteration modules...

7.5CVSS9.7AI score0.18099EPSS
Exploits4
OSV
OSV
added 2014/08/29 4:55 p.m.2 views

DEBIAN-CVE-2014-5119

Off-by-one error in the gconvtranslitfind function in gconvtrans.c in GNU C Library aka glibc allows context-dependent attackers to cause a denial of service crash or execute arbitrary code via vectors related to the CHARSET environment variable and gconv transliteration modules...

7.5CVSS9.4AI score0.18099EPSS
Exploits4References1
Prion
Prion
added 2014/08/29 4:55 p.m.31 views

Code injection

Off-by-one error in the gconvtranslitfind function in gconvtrans.c in GNU C Library aka glibc allows context-dependent attackers to cause a denial of service crash or execute arbitrary code via vectors related to the CHARSET environment variable and gconv transliteration modules...

7.5CVSS7.8AI score0.18099EPSS
Exploits4References22Affected Software2
Tenable Nessus
Tenable Nessus
added 2014/08/29 12:0 a.m.33 views

Fedora 20 : glibc-2.18-14.fc20 (2014-9824)

Locale names, including those obtained from environment variables LANG and the LC variables, are more tightly checked for proper syntax. setlocale will now fail with EINVAL for locale names that are overly long, contain slashes without starting with a slash, or contain '..' path components...

7.5CVSS8.1AI score0.18099EPSS
Exploits4References5
Tenable Nessus
Tenable Nessus
added 2014/08/28 12:0 a.m.36 views

Debian DSA-3012-1 : eglibc - security update

Tavis Ormandy discovered a heap-based buffer overflow in the transliteration module loading code in eglibc, Debian's version of the GNU C Library. As a result, an attacker who can supply a crafted destination character set argument to iconv-related character conversation functions could achieve...

7.5CVSS8.9AI score0.18099EPSS
Exploits4References3
Debian
Debian
added 2014/08/27 5:51 a.m.38 views

[SECURITY] [DSA 3012-1] eglibc security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3012-1 [email protected] http://www.debian.org/security/ Florian Weimer August 27, 2014 http://www.debian.org/security/faq -...

7.5CVSS9.8AI score0.18099EPSS
Exploits4
OpenVAS
OpenVAS
added 2014/08/27 12:0 a.m.38 views

Debian Security Advisory DSA 3012-1 (eglibc - security update)

Tavis Ormandy discovered a heap-based buffer overflow in the transliteration module loading code in eglibc, Debian's version of the GNU C Library. As a result, an attacker who can supply a crafted destination character set argument to iconv-related character conversation functions could achieve...

7.5CVSS0.5AI score0.18099EPSS
Exploits4References1
Rows per page
Query Builder