453 matches found
Medium: glibc
Issue Overview: In the GNU C Library aka glibc or libc6 through 2.28, the getaddrinfo function would successfully parse a string that contained an IPv4 address followed by whitespace and arbitrary characters, which could lead applications to incorrectly assume that it had parsed a valid string,...
SUSE-SU-2020:14468-1 Security update for openvpn-openssl1
This update for openvpn-openssl1 fixes the following issues: - Fixed Out of bounds read on getaddrinfo result (bsc#959714)...
In the GNU C Library (aka glibc or libc6) through 2.28 attempting to resolve a crafted hostname via getaddrinfo() leads to the allocation of a socket descriptor that is not closed. This is related to the if_nametoindex() function.
...
In the GNU C Library (aka glibc or libc6) through 2.28 the getaddrinfo function would successfully parse a string that contained an IPv4 address followed by whitespace and arbitrary characters which could lead applications to incorrectly assume that it had parsed a valid string without the possibility of embedded HTTP headers or other potentially dangerous substrings.
...
PT-2020-6395 · C-Ares +1
Name of the Vulnerable Software and Affected Versions: c-ares lib version 1.16.0 Description: The issue is related to a possible use-after-free and double-free in the c-ares library. This occurs when ares_destroy is called before ares_getaddrinfo completes. The flaw could allow an attacker to cra...
EulerOS 2.0 SP3 : glibc (EulerOS-SA-2020-1388)
According to the versions of the glibc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In the GNU C Library aka glibc or libc6 through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by...
EulerOS Virtualization for ARM 64 3.0.2.0 : glibc (EulerOS-SA-2020-1229)
According to the versions of the glibc packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - In the GNU C Library aka glibc or libc6 through 2.28, the getaddrinfo function would successfully parse a string that...
CVE-2013-4357
The eglibc package before 2.14 incorrectly handled the getaddrinfo function. An attacker could use this issue to cause a denial of service...
Denial of service
The eglibc package before 2.14 incorrectly handled the getaddrinfo function. An attacker could use this issue to cause a denial of service...
CVE-2013-4357
The eglibc package before 2.14 incorrectly handled the getaddrinfo function. An attacker could use this issue to cause a denial of service...
NewStart CGSL CORE 5.05 / MAIN 5.05 : glibc Vulnerability (NS-SA-2019-0237)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has glibc packages installed that are affected by a vulnerability: - In the GNU C Library aka glibc or libc6 through 2.28, the getaddrinfo function would successfully parse a string that contained an IPv4 address followed by...
EulerOS 2.0 SP8 : glibc (EulerOS-SA-2019-2307)
According to the version of the glibc packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In the GNU C Library aka glibc or libc6 through 2.28, the getaddrinfo function would successfully parse a string that contained an IPv4 address...
Amazon Linux AMI : glibc (ALAS-2019-1320)
In the GNU C Library aka glibc or libc6 through 2.28, the getaddrinfo function would successfully parse a string that contained an IPv4 address followed by whitespace and arbitrary characters, which could lead applications to incorrectly assume that it had parsed a valid string, without the...
Medium: glibc
Issue Overview: In the GNU C Library aka glibc or libc6 through 2.28, the getaddrinfo function would successfully parse a string that contained an IPv4 address followed by whitespace and arbitrary characters, which could lead applications to incorrectly assume that it had parsed a valid string,...
EulerOS 2.0 SP5 : glibc (EulerOS-SA-2019-2155)
According to the versions of the glibc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In the GNU C Library aka glibc or libc6 through 2.28, the getaddrinfo function would successfully parse a string that contained an IPv4 address...
RHEL 8 : glibc (RHSA-2019:3513)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:3513 advisory. The glibc packages provide the standard C libraries libc, POSIX thread libraries libpthread, standard math libraries libm, and the name service cache...
Moderate: Red Hat Security Advisory: glibc security, bug fix, and enhancement update
An update for glibc is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the...
glibc: getaddrinfo should reject IP addresses with trailing characters
In the GNU C Library aka glibc or libc6 through 2.28, the getaddrinfo function would successfully parse a string that contained an IPv4 address followed by whitespace and arbitrary characters, which could lead applications to incorrectly assume that it had parsed a valid string, without the...
Security Bulletin: Netezza Host Management is vulnerable to a GNU C Library (glibc) attack (CVE-2013-7424)
Summary: The GNU C Library (glibc) could allow a remote attacker to execute arbitrary code on the system, caused by an invalid free error in the getaddrinfo function when used with the AI_IDN flag. An attacker able to make an application call this function could exploit this vulnerability to execute...
glibc, nscd security update
CentOS Errata and Security Advisory CESA-2019:2118. An update for glibc is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity...