453 matches found
NewStart CGSL MAIN 5.04 : glibc Multiple Vulnerabilities (NS-SA-2019-0012)
The remote NewStart CGSL host, running version MAIN 5.04, has glibc packages installed that are affected by multiple vulnerabilities: - elf/dl-load.c in ld.so in the GNU C Library aka glibc or libc6 through 2.11.2, and 2.12.x through 2.12.1, does not properly handle a value of $ORIGIN for the...
glibc: getaddrinfo should reject IP addresses with trailing characters
In the GNU C Library aka glibc or libc6 through 2.28, the getaddrinfo function would successfully parse a string that contained an IPv4 address followed by whitespace and arbitrary characters, which could lead applications to incorrectly assume that it had parsed a valid string, without the...
openSUSE Security Update : glibc (openSUSE-2019-1250)
This update for glibc fixes the following issues : Security issue fixed : - CVE-2016-10739: Fixed an improper implementation of getaddrinfo function which could allow applications to incorrectly assume that had parsed a valid string, without the possibility of embedded HTTP headers or other...
Security update for glibc (moderate)
openSUSE Security Update: Security update for glibc Announcement ID: openSUSE-SU-2019:1250-1 Rating: moderate References: 1100396 1122729 1130045 Cross-References: CVE-2016-10739 Affected Products: openSUSE Leap 15.0 An update that solves one vulnerability and has two fixes is now available...
CVE-2017-14199
A buffer overflow has been found in the Zephyr Project's getaddrinfo implementation in 1.9.0 and 1.10.0...
CVE-2017-14199
A buffer overflow has been found in the Zephyr Project's getaddrinfo implementation in 1.9.0 and 1.10.0...
Buffer overflow
A buffer overflow has been found in the Zephyr Project's getaddrinfo implementation in 1.9.0 and 1.10.0...
CVE-2017-14199
A buffer overflow has been found in the Zephyr Project's getaddrinfo implementation in 1.9.0 and 1.10.0...
CVE-2017-14199
The CVE-2017-14199 entry concerns a buffer overflow in the Zephyr Project’s getaddrinfo() implementation for versions 1.9.0 and 1.10.0. The affected component is the getaddrinfo() function within Zephyr RTOS networking code; the underlying cause is a buffer overflow in that implementation. Impact...
openSUSE Security Update : keepalived (openSUSE-2019-1008)
This update for keepalived to version 2.0.10 fixes the following issues : Security issues fixed bsc1015141 : - CVE-2018-19044: Fixed a check for pathnames with symlinks when writing data to a temporary file upon a call to PrintData or PrintStats - CVE-2018-19045: Fixed mode when creating new...
The vulnerability of the getaddrinfo function in the libc6 library allows a attacker to trigger a memory exhaustion on the target system.
The vulnerability of the libc6 library is related to insufficient validation of input data in the getaddrinfo function. With certain parameters, this function may call the ifnametoindex function in sysdeps/unix/sysv/linux/ifindex.c with incorrect parameters. Exploiting this vulnerability could...
UBUNTU-CVE-2016-10739
In the GNU C Library aka glibc or libc6 through 2.28, the getaddrinfo function would successfully parse a string that contained an IPv4 address followed by whitespace and arbitrary characters, which could lead applications to incorrectly assume that it had parsed a valid string, without the...
Code injection
In the GNU C Library aka glibc or libc6 through 2.28, the getaddrinfo function would successfully parse a string that contained an IPv4 address followed by whitespace and arbitrary characters, which could lead applications to incorrectly assume that it had parsed a valid string, without the...
DEBIAN-CVE-2016-10739
In the GNU C Library aka glibc or libc6 through 2.28, the getaddrinfo function would successfully parse a string that contained an IPv4 address followed by whitespace and arbitrary characters, which could lead applications to incorrectly assume that it had parsed a valid string, without the...
CVE-2016-10739
In the GNU C Library aka glibc or libc6 through 2.28, the getaddrinfo function would successfully parse a string that contained an IPv4 address followed by whitespace and arbitrary characters, which could lead applications to incorrectly assume that it had parsed a valid string, without the...
CVE-2016-10739
In the GNU C Library aka glibc or libc6 through 2.28, the getaddrinfo function would successfully parse a string that contained an IPv4 address followed by whitespace and arbitrary characters, which could lead applications to incorrectly assume that it had parsed a valid string, without the...
CVE-2016-10739
In the GNU C Library aka glibc or libc6 through 2.28, the getaddrinfo function would successfully parse a string that contained an IPv4 address followed by whitespace and arbitrary characters, which could lead applications to incorrectly assume that it had parsed a valid string, without the...
CVE-2016-10739
CVE-2016-10739 affects glibc (getaddrinfo) up to version 2.28, where a string containing an IPv4 address followed by whitespace and extra characters could be misinterpreted as valid. This may allow an attacker to bypass validation or embed dangerous substrings in inputs that appear to be legitima...
CVE-2016-10739
In the GNU C Library aka glibc or libc6 through 2.28, the getaddrinfo function would successfully parse a string that contained an IPv4 address followed by whitespace and arbitrary characters, which could lead applications to incorrectly assume that it had parsed a valid string, without the...
CVE-2016-10739
In the GNU C Library aka glibc or libc6 through 2.28, the getaddrinfo function would successfully parse a string that contained an IPv4 address followed by whitespace and arbitrary characters, which could lead applications to incorrectly assume that it had parsed a valid string, without the...