1994 matches found
CVE-2009-4880
Multiple integer overflows in the strfmon implementation in the GNU C Library aka glibc or libc6 2.10.1 and earlier allow context-dependent attackers to cause a denial of service memory consumption or application crash via a crafted format string, as demonstrated by a crafted first argument to th...
CVE-2009-4881
Integer overflow in the vstrfmonl function in stdlib/strfmonl.c in the strfmon implementation in the GNU C Library aka glibc or libc6 before 2.10.1 allows context-dependent attackers to cause a denial of service application crash via a crafted format string, as demonstrated by the...
Integer overflow
Integer overflow in the vstrfmonl function in stdlib/strfmonl.c in the strfmon implementation in the GNU C Library aka glibc or libc6 before 2.10.1 allows context-dependent attackers to cause a denial of service application crash via a crafted format string, as demonstrated by the...
Memory corruption
The encodename macro in misc/mntentr.c in the GNU C Library aka glibc or libc6 2.11.1 and earlier, as used by ncpmount and mount.cifs, does not properly handle newline characters in mountpoint names, which allows local users to cause a denial of service mtab corruption, or possibly modify mount...
CVE-2009-4880
Multiple integer overflows in the strfmon implementation in the GNU C Library aka glibc or libc6 2.10.1 and earlier allow context-dependent attackers to cause a denial of service memory consumption or application crash via a crafted format string, as demonstrated by a crafted first argument to th...
CVE-2010-0830
Integer signedness error in the elfgetdynamicinfo function in elf/dynamic-link.h in ld.so in the GNU C Library aka glibc or libc6 2.0.1 through 2.11.1, when the --verify option is used, allows user-assisted remote attackers to execute arbitrary code via a crafted ELF program with a negative value...
CVE-2009-4881
Integer overflow in the vstrfmonl function in stdlib/strfmonl.c in the strfmon implementation in the GNU C Library aka glibc or libc6 before 2.10.1 allows context-dependent attackers to cause a denial of service application crash via a crafted format string, as demonstrated by the...
CVE-2009-4880
Glibc (GNU C Library) is affected by CVE-2009-4880: multiple integer overflows in strfmon handling that can be triggered by a crafted format string, potentially causing memory growth or an application crash (denial of service). This is observed in glibc 2.10.1 and earlier. Mitigation per connecte...
CVE-2009-4880
Multiple integer overflows in the strfmon implementation in the GNU C Library aka glibc or libc6 2.10.1 and earlier allow context-dependent attackers to cause a denial of service memory consumption or application crash via a crafted format string, as demonstrated by a crafted first argument to th...
Ubuntu Update for glibc, eglibc vulnerabilities USN-944-1
Ubuntu Update for Linux kernel vulnerabilities USN-944-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN9441.nasl 7965 2017-12-01 07:38:25Z santu $ Ubuntu Update for glibc, eglibc vulnerabilities USN-944-1 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH,...
CVE-2009-4880
Multiple integer overflows in the strfmon implementation in the GNU C Library aka glibc or libc6 2.10.1 and earlier allow context-dependent attackers to cause a denial of service memory consumption or application crash via a crafted format string, as demonstrated by a crafted first argument to th...
Debian DSA-1973-1 : glibc, eglibc - information disclosure
Christoph Pleger has discovered that the GNU C Library aka glibc and its derivatives add information from the passwd.adjunct.byname map to entries in the passwd map, which allows local users to obtain the encrypted passwords of NIS accounts by calling the getpwnam function. %NASLMINLEVEL 70300 C...
Debian: Security Advisory (DSA-1973-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
DSA-1973-1 glibc - information disclosure
Bulletin has no description...
Code injection
nis/nssnis/nis-pwd.c in the GNU C Library aka glibc or libc6 2.7 and Embedded GLIBC EGLIBC 2.10.2 adds information from the passwd.adjunct.byname map to entries in the passwd map, which allows remote attackers to obtain the encrypted passwords of NIS accounts by calling the getpwnam function...
CVE-2010-0015
nis/nssnis/nis-pwd.c in the GNU C Library aka glibc or libc6 2.7 and Embedded GLIBC EGLIBC 2.10.2 adds information from the passwd.adjunct.byname map to entries in the passwd map, which allows remote attackers to obtain the encrypted passwords of NIS accounts by calling the getpwnam function...
CVE-2010-0015
nis/nssnis/nis-pwd.c in the GNU C Library aka glibc or libc6 2.7 and Embedded GLIBC EGLIBC 2.10.2 adds information from the passwd.adjunct.byname map to entries in the passwd map, which allows remote attackers to obtain the encrypted passwords of NIS accounts by calling the getpwnam function...
Check Point response to Integer Overflow Vulnerability in GNU C Library (CVE-2007-3508)
...
GNU C integer overflow
Integer overflow in ld.so dynamic loader...
[ GLSA 200707-04 ] GNU C Library: Integer overflow
Gentoo Linux Security Advisory GLSA 200707-04 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity:...