829 matches found
UBUNTU-CVE-2017-15804
The glob function in glob.c in the GNU C Library aka glibc or libc6 before 2.27 contains a buffer overflow during unescaping of user names with the operator...
UBUNTU-CVE-2017-15671
The glob function in glob.c in the GNU C Library aka glibc or libc6 before 2.27, when invoked with GLOBTILDE, could skip freeing allocated memory when processing the operator with a long user name, potentially leading to a denial of service memory leak...
CVE-2017-15670
The GNU C Library aka glibc or libc6 before 2.27 contains an off-by-one error leading to a heap-based buffer overflow in the glob function in glob.c, related to the processing of home directories using the operator followed by a long string...
DEBIAN-CVE-2017-15670
The GNU C Library aka glibc or libc6 before 2.27 contains an off-by-one error leading to a heap-based buffer overflow in the glob function in glob.c, related to the processing of home directories using the operator followed by a long string...
Memory corruption
The glob function in glob.c in the GNU C Library aka glibc or libc6 before 2.27, when invoked with GLOBTILDE, could skip freeing allocated memory when processing the operator with a long user name, potentially leading to a denial of service memory leak...
CVE-2017-15671
The glob function in glob.c in the GNU C Library aka glibc or libc6 before 2.27, when invoked with GLOBTILDE, could skip freeing allocated memory when processing the operator with a long user name, potentially leading to a denial of service memory leak...
DEBIAN-CVE-2017-15671
The glob function in glob.c in the GNU C Library aka glibc or libc6 before 2.27, when invoked with GLOBTILDE, could skip freeing allocated memory when processing the operator with a long user name, potentially leading to a denial of service memory leak...
Heap overflow
The GNU C Library aka glibc or libc6 before 2.27 contains an off-by-one error leading to a heap-based buffer overflow in the glob function in glob.c, related to the processing of home directories using the operator followed by a long string...
CVE-2017-15670
The GNU C Library aka glibc or libc6 before 2.27 contains an off-by-one error leading to a heap-based buffer overflow in the glob function in glob.c, related to the processing of home directories using the operator followed by a long string...
CVE-2017-15670
The GNU C Library aka glibc or libc6 before 2.27 contains an off-by-one error leading to a heap-based buffer overflow in the glob function in glob.c, related to the processing of home directories using the operator followed by a long string...
CVE-2017-15670
CVE-2017-15670 affects glibc (libc6) before 2.27. It is a heap-based buffer overflow in glob.c triggered by processing home directories with the ~ operator followed by a long string. Multiple connected documents confirm the vulnerability class and affected component. Remediation in the disclosed ...
CVE-2017-15670
The GNU C Library aka glibc or libc6 before 2.27 contains an off-by-one error leading to a heap-based buffer overflow in the glob function in glob.c, related to the processing of home directories using the operator followed by a long string...
CVE-2017-15671
The glob function in glob.c in the GNU C Library aka glibc or libc6 before 2.27, when invoked with GLOBTILDE, could skip freeing allocated memory when processing the operator with a long user name, potentially leading to a denial of service memory leak...
UBUNTU-CVE-2017-15670
The GNU C Library aka glibc or libc6 before 2.27 contains an off-by-one error leading to a heap-based buffer overflow in the glob function in glob.c, related to the processing of home directories using the operator followed by a long string...
CVE-2017-15670
The GNU C Library aka glibc or libc6 before 2.27 contains an off-by-one error leading to a heap-based buffer overflow in the glob function in glob.c, related to the processing of home directories using the operator followed by a long string...
USN-3239-2: GNU C Library Regression
USN-3239-1 fixed vulnerabilities in the GNU C Library. Unfortunately, the fix for CVE-2015-5180 introduced an internal ABI change within the resolver library. This update reverts the change. We apologize for the inconvenience. Please note that long-running services that were restarted to compensa...
PHP 7.1.0 and prior open_basedir bypass through glob wrapper Vulnerability
Exploit for php platform in category local exploits ./php -v PHP 7.1.0 cli built: Dec 23 2016 16:08:30 NTS DEBUG Copyright c 1997-2016 The PHP Group Zend Engine v3.1.0-dev, Copyright c 1998-2016 Zend Technologies Test script: --------------- ?php if $dh = opendir$argv1 while $file = readdir$dh !=...
Amazon Linux AMI : curl (ALAS-2016-766)
This build resolves the following issues : CVE-2016-8615 : Cookie injection for other servers CVE-2016-8616 : Case insensitive password comparison CVE-2016-8617 : Out-of-bounds write via unchecked multiplication CVE-2016-8618 : Double-free in curlmaprintf CVE-2016-8619 : Double-free in krb5 code...
Medium: curl
Issue Overview: This build resolves the following issues: CVE-2016-8615: Cookie injection for other servers CVE-2016-8616: Case insensitive password comparison CVE-2016-8617: Out-of-bounds write via unchecked multiplication CVE-2016-8618: Double-free in curlmaprintf CVE-2016-8619: Double-free in...
CURL-CVE-2016-8620 glob parser write/read out of bounds
The curl tool's "globbing" feature allows a user to specify a numerical range through which curl iterates. It is typically specified as 1-5, specifying the first and the last numbers in the range. Or with a-z, using letters. 1. The curl code for parsing the second unsigned number did not check fo...