EUVD-2000-1053

Malware in sbrugna...

CLSA-2023-1675111190 Fix CVE(s): CVE-2022-28321

SECURITY UPDATE: access denial bypass in pamaccess.so - debian/patches-applied/CVE-2022-28321.patch: properly use getnameinfo and getaddrinfo to handle hostnames in access.conf, add freeaddrinfo to avoid memory leaks on return from networknetmaskmatch as well - CVE-2022-28321...

CVE-2021-43523

In uClibc and uClibc-ng before 1.0.39, incorrect handling of special characters in domain names returned by DNS servers via gethostbyname, getaddrinfo, gethostbyaddr, and getnameinfo can lead to output of wrong hostnames leading to domain hijacking or injection into applications leading to remote...

AZL-6928 CVE-2021-43523 affecting package uclibc-ng for versions less than 1.0.37-2

In uClibc and uClibc-ng before 1.0.39, incorrect handling of special characters in domain names returned by DNS servers via gethostbyname, getaddrinfo, gethostbyaddr, and getnameinfo can lead to output of wrong hostnames leading to domain hijacking or injection into applications leading to remote...

CVE-2021-43523

The CVE-2021-43523 issue affects uClibc/uClibc-ng prior to 1.0.39, where improper handling of special characters in DNS-derived domain names can cause domain hijacking and injection into applications (potential remote code execution, XSS, crashes). The vulnerability arises from a missing validati...

Oracle Linux 7 : tcpdump (ELSA-2017-1871)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2017-1871 advisory. 14:4.9.0-5 - Resolves: 1441597; use bigger capture buffer than in upstream 14:4.9.0-4 - Drop downstream patch drop root privileges - Add libcap-ng as a...

CVE-2000-1066

The CVE-2000-1066 entry affects the getnameinfo function in FreeBSD 4.1.1 and earlier (and possibly other operating systems). The vulnerability allows a remote attacker to cause a denial of service by supplying a long DNS hostname. The available documents confirm this DoS impact but do not provid...

Security Advisory: FreeBSD-SA-00:63.getnameinfo

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-00:63 Security Advisory FreeBSD, Inc. Topic: getnameinfo function allows remote denial of service Category: core Module: libc Announced: 2000-11-01 Credits: Pavel Kankovsky...

Дырка в libc (getnameinfo)

Длинное имя хоста вызывает переполнение буфера в функции getnameinfo, в отдельных случаях может быть использовано для DoS против сервера...

FreeBSD-SA-00:63.getnameinfo

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-00:63 Security Advisory FreeBSD, Inc. Topic: getnameinfo function allows remote denial of service Category: core Module: libc Announced: 2000-11-01 Credits: Pavel Kankovsky...