CVE-2003-0689

The getgrouplist function in GNU libc glibc 2.2.4 and earlier allows attackers to cause a denial of service segmentation fault and execute arbitrary code when a user is a member of a large number of groups, which can cause a buffer overflow...

CVE-2003-0689

The getgrouplist function in GNU libc glibc 2.2.4 and earlier allows attackers to cause a denial of service segmentation fault and execute arbitrary code when a user is a member of a large number of groups, which can cause a buffer overflow...

Solaris libc getopt(3) contains buffer overflow

Overview Solaris libc getopt3 contains a buffer overflow vulnerability. Please note the date of this report: 1/27/1997. This does not affect current versions of Solaris. Description From :A buffer overflow condition exists in the getopt3 routine in Solaris libc. By supplying an invalid option and...

Pine 4.56 - Remote Buffer Overflow

/ Mon Sep 15 09:35:01 CEST 2003 remote? Pine eip/ebp this can actually be "bruteforced" I didn't show this since this is a PoC and uses "exact offsets" All u do is supply multiple charsets and overwrite larger areas of memory This makes method 1 100% successfull or letys say 99.9% nice for remote...

CVE-2003-0689

The issue is in glibc getgrouplist (versions up to 2.2.4) where insufficient bounds checking can trigger a heap overflow when a user belongs to many groups, causing denial of service (segmentation fault) and possible arbitrary code execution. Connected advisories confirm a patch in glibc updates ...

CVE-2003-0689

The getgrouplist function in GNU libc glibc 2.2.4 and earlier allows attackers to cause a denial of service segmentation fault and execute arbitrary code when a user is a member of a large number of groups, which can cause a buffer overflow...

CVE-2003-0689

The getgrouplist function in GNU libc glibc 2.2.4 and earlier allows attackers to cause a denial of service segmentation fault and execute arbitrary code when a user is a member of a large number of groups, which can cause a buffer overflow...

Important: Red Hat Security Advisory: glibc security update

Updated glibc packages that fix a number of bugs as well as a buffer overflow issue are now available. The GNU libc package known as glibc contains the standard C libraries used by applications. A bug in the getgrouplist function can cause a buffer overflow if the size of the group list is too...

FreeBSD-SA-03:08.realpath

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-03:08.realpath Security Advisory The FreeBSD Project Topic: Single byte buffer overflow in realpath3 Category: core Module: libc Announced: 2003-08-03 Credits:...

CVE-2003-0465

The CVE-2003-0465 issue affects the Linux kernel (2.4/2.5) where strncpy does not pad with null bytes on architectures other than x86, potentially allowing information leaks. Red Hat’s RHSA-2004:188 and related advisories document this as a kernel vulnerability with fixes in updated kernel packag...

man[v1.5l]: (catalog) format strings exploit / POC.

was looking at the source code to man, and came upon this. newer g libc's will stop this from happening. but, still worth noting/effective bypass with older glibc's explained in exploit header Vade79 - fakehalo.deadpig.org - fakehalo. -- xmanfmt.c: start -- / linuxmanv1.5l: format string exploit...

DSA-282 glibc - integer overflow

Bulletin has no description...

CVE-2002-0391

Integer overflow in xdrarray function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote attackers to execute arbitrary code by passing a large number of arguments to xdrarray through RPC services such as rpc.cmsd and dmispd...

CVE-2002-0391

CVE-2002-0391 describes an integer overflow in the xdr_array function of RPC servers using libc/glibc or SunRPC-based code (e.g., dietlibc), enabling remote code execution by passing a large number of RPC arguments. The OpenVAS/DSA entries show Debian advisories addressing this issue across multi...

DEBIAN-CVE-2003-0028

Integer overflow in the xdrmemgetbytes function, and possibly other functions, of XDR external data representation libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in length fields, a different...

Domain Name System (DNS) stub resolver libraries vulnerable to buffer overflows via network name or address lookups

Overview The DNS stub resolver library in ISC BIND 4.9.2 through 4.9.10 contains buffer overflows in code that handles responses for network name and address requests. Other resolver libraries derived from BIND 4 such as BSD libc, GNU glibc, and those used by System V UNIX systems may also be...

Multiple Sun RPC-based libc implementations fails to provide time-out mechanism when reading data from TCP connections

Overview A denial-of-service vulnerability exists in multiple vendor Sun RPC-based libc implementations. Description Multiple vendor Sun RPC-based libc implementations fail to properly read data from TCP connections. As a result, a remote attacker can deny service to system daemons. --- Impact A...

Buffer overflow in libc resolver

Buffer overflow in DNS resolving functions...

HP Tru64 UNIX contains buffer overflow in libc libraries (SSRT2257)

Overview The HP Tru64 Unix operating system contains multiple buffer overflow vulnerabilities. Description A vulnerability exists in the way in which the libc libraries handle environment variables in the HP Tru64 UNIX operating system. As a result, local attackers may be able to execute arbitrar...

DSA-149 glibc - integer overflow

Bulletin has no description...