MiracleLinux 4 : glibc-2.12-1.212.AXS4 (AXSA:2018-3156:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2018-3156:01 advisory. glibc: Buffer overflow in glob with GLOBTILDE CVE-2017-15670 glibc: Buffer overflow during unescaping of user names with the operator CVE-2017-15804...

UBUNTU-CVE-2017-15671

The glob function in glob.c in the GNU C Library aka glibc or libc6 before 2.27, when invoked with GLOBTILDE, could skip freeing allocated memory when processing the operator with a long user name, potentially leading to a denial of service memory leak...