23 matches found
SUSE CVE-2016-2856
ptchown in the glibc package before 2.19-18+deb8u4 on Debian jessie; the elibc package before 2.15-0ubuntu10.14 on Ubuntu 12.04 LTS and before 2.19-0ubuntu6.8 on Ubuntu 14.04 LTS; and the glibc package before 2.21-0ubuntu4.2 on Ubuntu 15.10 and before 2.23-0ubuntu1 on Ubuntu 16.04 LTS and 16.10...
Mageia: Security Advisory (MGASA-2013-0340)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
NewStart CGSL MAIN 5.04 : glibc Multiple Vulnerabilities (NS-SA-2019-0012)
The remote NewStart CGSL host, running version MAIN 5.04, has glibc packages installed that are affected by multiple vulnerabilities: - elf/dl-load.c in ld.so in the GNU C Library aka glibc or libc6 through 2.11.2, and 2.12.x through 2.12.1, does not properly handle a value of $ORIGIN for the...
USN-2985-2 GNU C Library regression | Cloud Foundry
USN-2985-2 GNU C Library regression Medium Vendor GNU C, Canonical Ubuntu Versions Affected Ubuntu 14.04 LTS Description USN-2985-1 fixed vulnerabilities in the GNU C Library. The fix for CVE-2014-9761 introduced a regression which affected applications that use the libm library but were not full...
Ubuntu 14.04 LTS : GNU C Library vulnerabilities (USN-2985-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2985-1 advisory. Martin Carpenter discovered that ptchown in the GNU C Library did not properly check permissions for tty files. A local attacker could use this to gain...
USN-2985-1: GNU C Library vulnerabilities
Martin Carpenter discovered that ptchown in the GNU C Library did not properly check permissions for tty files. A local attacker could use this to gain administrative privileges or expose sensitive information. CVE-2013-2207, CVE-2016-2856 Robin Hack discovered that the Name Service Switch NSS...
Debian jessie glibc privilege acquisition vulnerability
Debian is a free operating system with a Linux or FreeBSD kernel created by the Debian Project Collaboration. Most of the base tools used by the operating system are derived from GNU. jessie is a fork of Debian. glibc a.k.a. GNU C Library, libc6 package is one of the open source, free C language...
DEBIAN-CVE-2016-2856
ptchown in the glibc package before 2.19-18+deb8u4 on Debian jessie; the elibc package before 2.15-0ubuntu10.14 on Ubuntu 12.04 LTS and before 2.19-0ubuntu6.8 on Ubuntu 14.04 LTS; and the glibc package before 2.21-0ubuntu4.2 on Ubuntu 15.10 and before 2.23-0ubuntu1 on Ubuntu 16.04 LTS and 16.10...
CVE-2016-2856
ptchown in the glibc package before 2.19-18+deb8u4 on Debian jessie; the elibc package before 2.15-0ubuntu10.14 on Ubuntu 12.04 LTS and before 2.19-0ubuntu6.8 on Ubuntu 14.04 LTS; and the glibc package before 2.21-0ubuntu4.2 on Ubuntu 15.10 and before 2.23-0ubuntu1 on Ubuntu 16.04 LTS and 16.10...
CVE-2016-2856
ptchown in the glibc package before 2.19-18+deb8u4 on Debian jessie; the elibc package before 2.15-0ubuntu10.14 on Ubuntu 12.04 LTS and before 2.19-0ubuntu6.8 on Ubuntu 14.04 LTS; and the glibc package before 2.21-0ubuntu4.2 on Ubuntu 15.10 and before 2.23-0ubuntu1 on Ubuntu 16.04 LTS and 16.10...
Ubuntu Wily 'programs/pt_chown.c' Security Bypass Vulnerability
Ubuntu is a desktop-oriented GNU/Linux operating system developed by Canonical and the Ubuntu Foundation, with Wily being a development code name for Ubuntu. A security bypass vulnerability exists in Ubuntu Wily. A local attacker could use this vulnerability to bypass security restrictions and...
SUSE SLES11 Security Update : glibc (SUSE-SU-2016:0470-1)
This update for glibc fixes the following issues : - CVE-2015-7547: A stack-based buffer overflow in getaddrinfo allowed remote attackers to cause a crash or execute arbitrary code via crafted and timed DNS responses bsc961721 - CVE-2015-8777: Insufficient checking of LDPOINTERGUARD environment...
GNU glibc 2.1/2.1.1 -6 pt_chown Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/597/info ptchown is a program included with glibc 2.1.x that exists to aid the proper allocation of terminals for non-suid programs that don't have devpts support. It is installed setuid root, and is shipped with RedHat...
CVE-2013-2207
ptchown in GNU C Library aka glibc or libc6 before 2.18 does not properly check permissions for tty files, which allows local users to change the permission on the files and obtain access to arbitrary pseudo-terminals by leveraging a FUSE file system...
Design/Logic Flaw
ptchown in GNU C Library aka glibc or libc6 before 2.18 does not properly check permissions for tty files, which allows local users to change the permission on the files and obtain access to arbitrary pseudo-terminals by leveraging a FUSE file system...
CVE-2013-2207
ptchown in GNU C Library aka glibc or libc6 before 2.18 does not properly check permissions for tty files, which allows local users to change the permission on the files and obtain access to arbitrary pseudo-terminals by leveraging a FUSE file system...
CVE-2013-2207
ptchown in GNU C Library aka glibc or libc6 before 2.18 does not properly check permissions for tty files, which allows local users to change the permission on the files and obtain access to arbitrary pseudo-terminals by leveraging a FUSE file system...
FreeBSD Security Advisory (FreeBSD-SA-08:01.pty.asc)
The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-08:01.pty.asc SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
FreeBSD Security Advisory FreeBSD-SA-08:01.pty
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-08:01.pty Security Advisory The FreeBSD Project Topic: pty snooping Category: core Module: libcstdlib / libutil Announced: 2008-01-14 Credits: John Baldwin Affect...
FreeBSD-SA-08:01.pty
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-08:01.pty Security Advisory The FreeBSD Project Topic: pty snooping Category: core Module: libcstdlib / libutil Announced: 2008-01-14 Credits: John Baldwin...