275 matches found

Prion
added 2018/01/31 2:29 p.m. | 20 views

Type confusion

In glibc 2.26 and earlier there is confusion in the usage of getcwd by realpath which can be used to write before the destination buffer leading to a buffer underflow and potential code execution...

7.2 CVSS | 7.8 AI score | 0.41417 EPSS
Exploits 9 | References 10 | Affected Software 9
OSV
added 2018/01/31 2:29 p.m. | 27 views

CVE-2018-1000001

In glibc 2.26 and earlier there is confusion in the usage of getcwd by realpath which can be used to write before the destination buffer leading to a buffer underflow and potential code execution...

7.8 CVSS | 7.2 AI score
Exploits 0 | References 10
Debian CVE
added 2018/01/31 2:0 p.m. | 29 views

CVE-2018-1000001

In glibc 2.26 and earlier there is confusion in the usage of getcwd by realpath which can be used to write before the destination buffer leading to a buffer underflow and potential code execution...

7.8 CVSS | 9.2 AI score | 0.41417 EPSS
Exploits 9
Cvelist
added 2018/01/31 2:0 p.m. | 18 views

CVE-2018-1000001

In glibc 2.26 and earlier there is confusion in the usage of getcwd by realpath which can be used to write before the destination buffer leading to a buffer underflow and potential code execution...

8.9 AI score | 0.41417 EPSS
Exploits 9 | References 10
ATTACKERKB
added 2018/01/31 12:0 a.m. | 207 views

CVE-2018-1000001

In glibc 2.26 and earlier there is confusion in the usage of getcwd by realpath which can be used to write before the destination buffer leading to a buffer underflow and potential code execution. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0 Assessed Attacker Value: 0...

7.8 CVSS | 4.9 AI score | 0.41417 EPSS
In wild | Exploits 9 | References 11
ArchLinux
added 2018/01/28 12:0 a.m. | 33 views

[ASA-201801-18] glibc: privilege escalation

Arch Linux Security Advisory ASA-201801-18. Severity: High. Date: 2018-01-28. CVE-ID: CVE-2018-1000001. Package: glibc. Type: privilege escalation. Remote: No. Link: https://security.archlinux.org/AVG-590. Summary: The package glibc before version...

7.8 CVSS | 1.2 AI score | 0.41417 EPSS
Exploits 9 | References 5
seebug.org
added 2018/01/26 12:0 a.m. | 151 views

Libc Realpath Buffer Underflow Vulnerability (CVE-2018-1000001)

Introduction: The vulnerability described here is caused by Linux kernel behaviour change in the syscall API returning relative pathnames in getcwd and non-defensive function implementation in libc failing to process that pathname correctly. Other libraries are very likely to be affected as well. ...

9.5 AI score | 0.41417 EPSS
Exploits 9
OSV
added 2018/01/25 12:47 p.m. | 7 views

MGASA-2018-0098 Updated glibc packages fix security vulnerabilities

An issue in the code handling RPATHs was fixed that could have been exploited by an attacker to execute code loaded from arbitrary libraries CVE-2017-16997. A privilege escalation bug in the realpath function when the getcwd system call doesn't return a valid absolute pathname CVE-2018-1000001...

9.3 CVSS | 8.9 AI score | 0.41417 EPSS
Exploits 9 | References 3
Tenable Nessus
added 2018/01/24 12:0 a.m. | 43 views

Fedora 27 : glibc (2018-7714b514e2)

This update addresses two security vulnerabilities: - CVE-2017-16997: Check for empty tokens before dynamic string token expansion in the dynamic linker, so that pre-existing privileged programs with $ORIGIN rpaths/runpaths do not cause the dynamic linker to search the current directory,...

9.3 CVSS | 7.6 AI score | 0.41417 EPSS
Exploits 9 | References 3
Tenable Nessus
added 2018/01/24 12:0 a.m. | 43 views

Fedora 26 : glibc (2018-8e27ad96ed)

This update addresses two security vulnerabilities: - CVE-2017-15670, CVE-2017-15671, CVE-2017-15804: Various vulnerabilities could lead to memory corruption in the glob and glob64 function. RHBZ1505298, RHBZ1504807 - CVE-2017-16997: Check for empty tokens before dynamic string token expansion i...

9.8 CVSS | 6.9 AI score | 0.41417 EPSS
Exploits 9 | References 6
0day.today
added 2018/01/18 12:0 a.m. | 63 views

glibc - getcwd() Local Privilege Escalation Exploit

Exploit for linux platform in category local exploits / This software is provided by the copyright owner "as is" and any expressed or implied warranties, including, but not limited to, the implied warranties of merchantability and fitness for a particular purpose are disclaimed. In no event shall...

6.3 AI score | 0.00223 EPSS
Exploits 9
Tenable Nessus
added 2018/01/15 12:0 a.m. | 36 views

SUSE SLES12 Security Update : glibc (SUSE-SU-2018:0076-1)

This update for glibc fixes the following issues: - A privilege escalation bug in the realpath function has been fixed. CVE-2018-1000001, bsc1074293 - A buffer manipulation vulnerability in nscd has been fixed that could possibly have led to an nscd daemon crash or code execution as the user...

9.8 CVSS | 8.3 AI score | 0.41417 EPSS
Exploits 11 | References 7
Tenable Nessus
added 2018/01/15 12:0 a.m. | 44 views

SUSE SLED12 / SLES12 Security Update : glibc (SUSE-SU-2018:0074-1)

This update for glibc fixes the following issues: - A privilege escalation bug in the realpath function has been fixed. CVE-2018-1000001, bsc1074293 - A memory leak and a buffer overflow in the dynamic ELF loader has been fixed. CVE-2017-1000408, CVE-2017-1000409, bsc1071319 - An issue in the co...

9.8 CVSS | 7.8 AI score | 0.41417 EPSS
Exploits 19 | References 25
Tenable Nessus
added 2018/01/15 12:0 a.m. | 63 views

SUSE SLES12 Security Update : glibc (SUSE-SU-2018:0071-1)

This update for glibc fixes the following issues: - A privilege escalation bug in the realpath function has been fixed. CVE-2018-1000001, bsc1074293 Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to...

7.8 CVSS | 7.6 AI score | 0.41417 EPSS
Exploits 9 | References 4
UbuntuCve
added 2018/01/11 12:0 a.m. | 32 views

CVE-2018-1000001

In glibc 2.26 and earlier there is confusion in the usage of getcwd by realpath which can be used to write before the destination buffer leading to a buffer underflow and potential code execution...

7.8 CVSS | 7.3 AI score | 0.41417 EPSS
Exploits 9 | References 8
OSV
added 2018/01/11 12:0 a.m. | 0 views

UBUNTU-CVE-2018-1000001

In glibc 2.26 and earlier there is confusion in the usage of getcwd by realpath which can be used to write before the destination buffer leading to a buffer underflow and potential code execution...

7.8 CVSS | 7.4 AI score | 0.41417 EPSS
Exploits 9 | References 9
FreeBSD
added 2016/07/26 12:0 a.m. | 20 views

codeigniter -- multiple vulnerabilities

The CodeIgniter changelog reports: Fixed an SQL injection in the ‘odbc’ database driver. Updated set_realpath() Path Helper function to filter-out php:// wrapper inputs...

1.1 AI score
Exploits 0 | References 1
RedhatCVE
added 2015/10/30 10:25 a.m. | 25 views

CVE-2004-1064

The safe mode checks in PHP 4.x to 4.3.9 and PHP 5.x to 5.0.2 truncate the file path before passing the data to the realpath function, which could allow attackers to bypass safe mode. NOTE: this issue was originally REJECTed by its CNA before publication, but that decision is in active dispute...

10 CVSS | 6.9 AI score | 0.01731 EPSS
Exploits 0 | References 2
RedhatCVE
added 2015/10/30 9:28 a.m. | 18 views

CVE-2007-3007

PHP 5 before 5.2.3 does not enforce the open_basedir or safe_mode restriction in certain cases, which allows context-dependent attackers to determine the existence of arbitrary files by checking if the readfile function returns a string. NOTE: this issue might also involve the realpath function...

5 CVSS | 7.3 AI score | 0.01156 EPSS
Exploits 0 | References 2
exploitpack
added 2015/02/11 1:10 p.m. | 11 views

Python-2.4.2-realpath()

Stack-based buffer overflow in Python 2.4.2 and earlier, running on Linux 2.6.12.5 under gcc 4.0.3 with libc 2.3.5, allows local users to cause a "stack overflow," and possibly gain privileges, by running a script from a current working directory that has a long name, related to the realpath...

4.6 AI score
Exploits 0