FreeBSD / Apple libc link_ntoa() buffer overflow Exploit

Exploit for multiple platform in category remote exploits Improper bounds checking of the obuf variable in the linkntoa function in linkaddr.c may allow an attacker to read or write from memory. The routine linkaddr interprets character strings representing link-level addresses, returning binary...

Buffer Overflow in BSD libc Library Patched

The BSD libc library was updated recently to address a buffer overflow vulnerability that could have allowed an attacker to execute arbitrary code. The library is part of the POSIX library, which is used in BSD operating systems, like FreeBSD, NetBSD, OpenBSD. The libc library is also used in...

FreeBSD-SA-16:37.libc

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-16:37.libc Security Advisory The FreeBSD Project Topic: linkntoa3 buffer overflow Category: core Module: libc Announced: 2016-12-06, revised on 2016-12-08...

BSD libc contains a buffer overflow vulnerability in link_ntoa()

Overview The BSD libc library's linkntoa function may be vulnerable to a classic buffer overflow. It is currently unclear if this issue is exploitable. Description CWE-120: Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' - CVE-2016-6559Improper bounds checking of the obuf...

musl libc 'tre_tnfa_run_parallel()' function integer overflow vulnerability

musl libc is a C standard library used in Linux kernel-based embedded systems and mobile devices. An integer overflow vulnerability exists in the musl libc 'tretnfarunparallel' function. An attacker can exploit the vulnerability to execute arbitrary code within the context of an application. A...

Internet Bug Bounty: LZMADecompressor.decompress Use After Free

I have submitted a vulnerability that has now been fixed. The report includes a proof of concept that demonstrates code execution. The submitted patch was accepted with minor changes. https://bugs.python.org/issue28275 --- Python 3.5.2 suffers from a use after free vulnerability caused by the...

The vulnerability of the Mac OS X operating system allows a hacker to trigger a service failure or execute arbitrary code in a privileged context.

The vulnerability of the libc++abi component in the Mac OS X operating system is caused by buffer overflow. Exploiting this vulnerability allows an attacker to execute arbitrary code in a privileged context remotely, or to cause a service failure memory corruption through a specially created...

Glibc DNS Resolver Vulnerability

A vulnerability in the GNU libc glibc DNS resolver allows remote code execution CVE-2015-7547. However, this issue can be exploited only from a DNS server that is under the control of an attacker. Ref 91886. This glibc issue is only exploitable by an attacker controlling the DNS server configured...

[SECURITY] Fedora 23 Update: dietlibc-0.33-8.fc23

The diet libc is a libc that is optimized for small size. It can be used to create small statically linked binaries for Linux on alpha, arm, hppa, ia64, i386, mips, s390, sparc, sparc64, ppc and x8664...

Apple OS X libc++abi Component Arbitrary Code Execution Vulnerability

Apple OS X is a specialized operating system developed for Mac computers. A security vulnerability exists in the Apple OS X libc++abi component, which can be exploited by remote attackers to crash an application or execute arbitrary code...

[SECURITY] [DLA 561-1] uclibc security update

Package : uclibc Version : 0.9.32-1+deb7u1 CVE ID : CVE-2016-2224 CVE-2016-2225 CVE-2016-6264 Several vulnerabilities have been discovered in uClibc, an implementation of the standard C library that is much smaller than glibc, which makes it useful for embedded systems. CVE-2016-2224 Fix possible...

DLA-561-1 uclibc - security update

Bulletin has no description...

CVE-2016-4621

libc++abi in Apple OS X before 10.11.6 allows attackers to execute arbitrary code in a privileged context or cause a denial of service memory corruption via a crafted app...

CVE-2016-4621

libc++abi in Apple OS X before 10.11.6 allows attackers to execute arbitrary code in a privileged context or cause a denial of service memory corruption via a crafted app...

CVE-2016-4621

libc++abi in Apple OS X before 10.11.6 allows attackers to execute arbitrary code in a privileged context or cause a denial of service memory corruption via a crafted app...

CVE-2016-4621

CVE-2016-4621 affects Apple OS X’s libc++abi component prior to 10.11.6. According to the NVD description, a crafted application can cause memory corruption or execute arbitrary code in a privileged context, potentially leading to a denial of service. The exploit is described as local (requires a...

Juniper Junos FreeBSD libc db Information Disclosure (JSA10756)

According to its self-reported version number, the remote Juniper Junos device is affected by an information disclosure vulnerability in the underlying FreeBSD operating system libc db interface due to improper initialization of memory for Berkeley DB 1.85 database structures. A local attacker ca...

Apple Fixes Vulnerabilities Across OS X, iOS, Safari

Apple fixed dozens of vulnerabilities in its software on Monday, including 60 vulnerabilities in its operating system, OS X, and 43 in its mobile operating system, iOS. The OS X update graduates the desktop and server operating system to OS X El Capitan v10.11.6 and applies to anyone running OS X...

Juniper Networks Junos OS libc Vulnerability

Junos OS is prone to a vulnerability in libc. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/o:juniper:junos"; if description...

CVE-2016-3818

libc in Android 4.x before 4.4.4 allows remote attackers to cause a denial of service device hang or reboot via a crafted file, aka internal bug 28740702...