Debian: Security Advisory (DLA-2052-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 2052-1] libbsd security update

Package : libbsd Version : 0.7.0-2+deb8u1 CVE ID : CVE-2016-2090 An issues has been found in libbsd, a package containing utility functions from BSD systems. In function fgetwln an off-by-one error could triggers a heap buffer overflow. For Debian 8 "Jessie", this problem has been fixed in versio...

[SECURITY] [DLA 2006-1] libxdmcp security update

Package : libxdmcp Version : 1:1.1.1-1+deb8u1 CVE ID : CVE-2017-2625 It has been found, that libxdmcp, an X11 Display Manager Control Protocol library, uses weak entropy to generate keys. Using arc4randombuf from libbsd should avoid this flaw. For Debian 8 "Jessie", this problem has been fixed in...

Oracle Linux 7 : X.org / X11 / libraries (ELSA-2017-1865)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-1865 advisory. - Use libbsd for randoms CVE-2017-2626, rhbz1427715 - Use libbsd for randoms CVE-2017-2625, rhbz1427716 - fixes CVE-2016-5407 - fixes CVE-2016-7953...

CVE-2016-2090

Off-by-one vulnerability in the fgetwln function in libbsd before 0.8.2 allows attackers to have unspecified impact via unknown vectors, which trigger a heap-based buffer overflow...

Heap overflow

Off-by-one vulnerability in the fgetwln function in libbsd before 0.8.2 allows attackers to have unspecified impact via unknown vectors, which trigger a heap-based buffer overflow...

CVE-2016-2090

Off-by-one vulnerability in the fgetwln function in libbsd before 0.8.2 allows attackers to have unspecified impact via unknown vectors, which trigger a heap-based buffer overflow...

DEBIAN-CVE-2016-2090

Off-by-one vulnerability in the fgetwln function in libbsd before 0.8.2 allows attackers to have unspecified impact via unknown vectors, which trigger a heap-based buffer overflow...

UBUNTU-CVE-2016-2090

Off-by-one vulnerability in the fgetwln function in libbsd before 0.8.2 allows attackers to have unspecified impact via unknown vectors, which trigger a heap-based buffer overflow...

CVE-2016-2090

Off-by-one vulnerability in the fgetwln function in libbsd before 0.8.2 allows attackers to have unspecified impact via unknown vectors, which trigger a heap-based buffer overflow...

CVE-2016-2090

Off-by-one vulnerability in the fgetwln function in libbsd before 0.8.2 allows attackers to have unspecified impact via unknown vectors, which trigger a heap-based buffer overflow...

CVE-2016-2090

The CVE-2016-2090 issue is in the libbsd library, specifically the fgetwln() function. An off-by-one condition in the memory reallocation path can trigger a heap-based buffer overflow in versions before 0.8.2. Several advisories (e.g., Gentoo GLSA-201607-13, Debian DLA-2052-1) note potential remo...

CVE-2016-2090

Off-by-one vulnerability in the fgetwln function in libbsd before 0.8.2 allows attackers to have unspecified impact via unknown vectors, which trigger a heap-based buffer overflow...

Fedora 24 : libbsd (2016-5c3d057783)

Security fix for CVE-2016-2090 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300...

Fedora 25 : libbsd (2016-d3e562bb52)

Security fix for CVE-2016-2090 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300...

Fedora Update for libbsd FEDORA-2016-5c3d057783

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora Update for libbsd FEDORA-2016-d3e562bb52

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 24 Update: libbsd-0.8.3-1.fc24

libbsd provides useful functions commonly found on BSD systems, and lacking on others like GNU systems, thus making it easier to port projects with strong BSD origins, without needing to embed the same code over and over again on each project...

[SECURITY] Fedora 25 Update: libbsd-0.8.3-1.fc25

libbsd provides useful functions commonly found on BSD systems, and lacking on others like GNU systems, thus making it easier to port projects with strong BSD origins, without needing to embed the same code over and over again on each project...

GLSA-201607-13 : libbsd: Arbitrary code execution

The remote host is affected by the vulnerability described in GLSA-201607-13 libbsd: Arbitrary code execution libbsd contains a buffer overflow in the fgetwln function. An if statement, which is responsible for checking the necessity to reallocate memory in the target buffer, is off by one...