19 matches found
MiracleLinux 4 : glibc-2.12-1.132.AXS4.4 (AXSA:2014-509:05)
The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2014-509:05 advisory. Description : The glibc package contains standard libraries which are used by multiple programs on the system. In order to save disk space and memory...
EUVD-2014-0510
Malware in sbrugna...
Ubuntu 10.04 LTS : eglibc regression (USN-2306-3)
USN-2306-1 fixed vulnerabilities in the GNU C Library. On Ubuntu 10.04 LTS, the fix for CVE-2013-4357 introduced a memory leak in getaddrinfo. This update fixes the problem. We apologize for the inconvenience. Maksymilian Arciemowicz discovered that the GNU C Library incorrectly handled the...
USN-2306-3: GNU C Library regression
USN-2306-1 fixed vulnerabilities in the GNU C Library. On Ubuntu 10.04 LTS, the fix for CVE-2013-4357 introduced a memory leak in getaddrinfo. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Maksymilian Arciemowicz discovered that the GNU C Library...
glibc: directory traversal in LC_* locale handling
A directory traveral flaw was found in the way glibc loaded locale files. An attacker able to make an application use a specially crafted locale name value for example, specified in an LC environment variable could possibly use this flaw to execute arbitrary code with the privileges of that...
Ubuntu 10.04 LTS : eglibc regression (USN-2306-2)
USN-2306-1 fixed vulnerabilities in the GNU C Library. On Ubuntu 10.04 LTS, the security update cause a regression in certain environments that use the Name Service Caching Daemon nscd, such as those configured for LDAP or MySQL authentication. In these environments, the nscd daemon may need to b...
USN-2306-2: GNU C Library regression
USN-2306-1 fixed vulnerabilities in the GNU C Library. On Ubuntu 10.04 LTS, the security update cause a regression in certain environments that use the Name Service Caching Daemon nscd, such as those configured for LDAP or MySQL authentication. In these environments, the nscd daemon may need to b...
Ubuntu 14.04 LTS : GNU C Library vulnerabilities (USN-2306-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2306-1 advisory. Maksymilian Arciemowicz discovered that the GNU C Library incorrectly handled the getaddrinfo function. An attacker could use this issue to cause a denia...
USN-2306-1 eglibc vulnerabilities
Maksymilian Arciemowicz discovered that the GNU C Library incorrectly handled the getaddrinfo function. An attacker could use this issue to cause a denial of service. This issue only affected Ubuntu 10.04 LTS. CVE-2013-4357 It was discovered that the GNU C Library incorrectly handled the...
USN-2306-1: GNU C Library vulnerabilities
Maksymilian Arciemowicz discovered that the GNU C Library incorrectly handled the getaddrinfo function. An attacker could use this issue to cause a denial of service. This issue only affected Ubuntu 10.04 LTS. CVE-2013-4357 It was discovered that the GNU C Library incorrectly handled the...
CVE-2014-0475
Multiple directory traversal vulnerabilities in GNU C Library aka glibc or libc6 before 2.20 allow context-dependent attackers to bypass ForceCommand restrictions and possibly have other unspecified impact via a .. dot dot in a 1 LC, 2 LANG, or other locale environment variable...
DEBIAN-CVE-2014-0475
Multiple directory traversal vulnerabilities in GNU C Library aka glibc or libc6 before 2.20 allow context-dependent attackers to bypass ForceCommand restrictions and possibly have other unspecified impact via a .. dot dot in a 1 LC, 2 LANG, or other locale environment variable...
Directory traversal
Multiple directory traversal vulnerabilities in GNU C Library aka glibc or libc6 before 2.20 allow context-dependent attackers to bypass ForceCommand restrictions and possibly have other unspecified impact via a .. dot dot in a 1 LC, 2 LANG, or other locale environment variable...
CVE-2014-0475
Multiple directory traversal vulnerabilities in GNU C Library aka glibc or libc6 before 2.20 allow context-dependent attackers to bypass ForceCommand restrictions and possibly have other unspecified impact via a .. dot dot in a 1 LC, 2 LANG, or other locale environment variable...
CVE-2014-0475
Multiple directory traversal vulnerabilities in GNU C Library aka glibc or libc6 before 2.20 allow context-dependent attackers to bypass ForceCommand restrictions and possibly have other unspecified impact via a .. dot dot in a 1 LC, 2 LANG, or other locale environment variable...
RedHat Update for glibc RHSA-2011:0412-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
glibc: insufficient quoting in the locale command output
locale/programs/locale.c in locale in the GNU C Library aka glibc or libc6 before 2.13 does not quote its output, which might allow local users to gain privileges via a crafted localization environment variable, in conjunction with a program that executes a script that uses the eval function...
Buffer overflow
Multiple buffer overflows in STLport 5.0.2 might allow local users to execute arbitrary code via 1 long locale environment variables to a strcpy function call in clocaleglibc2.c and 2 long arguments to unspecified functions in numputfloat.cpp...
CVE-2006-0963
Multiple buffer overflows in STLport 5.0.2 might allow local users to execute arbitrary code via 1 long locale environment variables to a strcpy function call in clocaleglibc2.c and 2 long arguments to unspecified functions in numputfloat.cpp...