434 matches found
CVE-2018-14661
It was found that usage of snprintf function in feature/locks translator of glusterfs server 3.8.4, as shipped with Red Hat Gluster Storage, was vulnerable to a format string attack. A remote, authenticated attacker could use this flaw to cause remote denial of service...
UBUNTU-CVE-2018-14661
It was found that usage of snprintf function in feature/locks translator of glusterfs server 3.8.4, as shipped with Red Hat Gluster Storage, was vulnerable to a format string attack. A remote, authenticated attacker could use this flaw to cause remote denial of service...
CVE-2018-14661
It was found that usage of snprintf function in feature/locks translator of glusterfs server 3.8.4, as shipped with Red Hat Gluster Storage, was vulnerable to a format string attack. A remote, authenticated attacker could use this flaw to cause remote denial of service...
CVE-2018-14661
It was found that usage of snprintf function in feature/locks translator of glusterfs server 3.8.4, as shipped with Red Hat Gluster Storage, was vulnerable to a format string attack. A remote, authenticated attacker could use this flaw to cause remote denial of service...
glusterfs: features/locks translator passes an user-controlled string to snprintf without a proper format string resulting in a denial of service
It was found that usage of snprintf function in feature/locks translator of glusterfs server was vulnerable to a format string attack. A remote, authenticated attacker could use this flaw to cause remote denial of service...
procps-ng security update
3.3.10-17.el75.2 - check for truncation after calling snprintf - Related: CVE-2018-1124 3.3.10-17.el75.1 - fix integer overflows leading to heap overflow in file2strvec - Resolves: CVE-2018-1124...
The vulnerability of the snprintf() function in the Event Registration Protocol Library (RELP) allows a attacker to execute arbitrary code.
The vulnerability of the snprintf function in the Event Registration Protocol Library RELP of librelp is related to the escape of the operation beyond the buffer in memory when processing x509 certificates. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
Denial Of Service (DoS) Through Stack Buffer Overflow
librelp.so is vulnerable to denial of service DoS through stack-based buffer overflow attacks. The vulnerability exists in relpTcpChkPeerName of src/tcp.c where it was possible to overflow the call to snprintf when parsing a malicious x509 certificate, causing a denial of service DoS, and possibl...
Mingw-w64 Design Vulnerability
Mingw-w64 is a dedicated gcc runtime environment for Windows. A security vulnerability exists in Mingw-w64 5.0.3 and earlier in mingw-w64-crt libc-vsnprintf. An attacker can exploit this vulnerability to corrupt subsequent string functions...
DEBIAN-CVE-2018-1000101
Mingw-w64 version 5.0.3 and earlier, 5.0.4, 6.0.0 and 7.0.0 contains an Improper Null Termination CWE-170 vulnerability in mingw-w64-crt libc-vsnprintf that can result in The bug may be used to corrupt subsequent string functions. This attack appear to be exploitable via Depending on the usage,...
CVE-2018-1000101
Mingw-w64 version 5.0.3 and earlier, 5.0.4, 6.0.0 and 7.0.0 contains an Improper Null Termination CWE-170 vulnerability in mingw-w64-crt libc-vsnprintf that can result in The bug may be used to corrupt subsequent string functions. This attack appear to be exploitable via Depending on the usage,...
Design/Logic Flaw
Mingw-w64 version 5.0.3 and earlier, 5.0.4, 6.0.0 and 7.0.0 contains an Improper Null Termination CWE-170 vulnerability in mingw-w64-crt libc-vsnprintf that can result in The bug may be used to corrupt subsequent string functions. This attack appear to be exploitable via Depending on the usage,...
UBUNTU-CVE-2018-1000101
Mingw-w64 version 5.0.3 and earlier, 5.0.4, 6.0.0 and 7.0.0 contains an Improper Null Termination CWE-170 vulnerability in mingw-w64-crt libc-vsnprintf that can result in The bug may be used to corrupt subsequent string functions. This attack appear to be exploitable via Depending on the usage,...
CVE-2018-1000101
Mingw-w64 version 5.0.3 and earlier, 5.0.4, 6.0.0 and 7.0.0 contains an Improper Null Termination CWE-170 vulnerability in mingw-w64-crt libc-vsnprintf that can result in The bug may be used to corrupt subsequent string functions. This attack appear to be exploitable via Depending on the usage,...
CVE-2018-1000101
Mingw-w64 version 5.0.3 and earlier, 5.0.4, 6.0.0 and 7.0.0 contains an Improper Null Termination CWE-170 vulnerability in mingw-w64-crt libc-vsnprintf that can result in The bug may be used to corrupt subsequent string functions. This attack appear to be exploitable via Depending on the usage,...
CVE-2018-1000101
Mingw-w64 version 5.0.3 and earlier, 5.0.4, 6.0.0 and 7.0.0 contains an Improper Null Termination CWE-170 vulnerability in mingw-w64-crt libc-vsnprintf that can result in The bug may be used to corrupt subsequent string functions. This attack appear to be exploitable via Depending on the usage,...
F5 Networks BIG-IP : NTP vulnerability (K32262483)
The mx4200send function in the legacy MX4200 refclock in NTP before 4.2.8p10 and 4.3.x before 4.3.94 does not properly handle the return value of the snprintf function, which allows local users to execute arbitrary code via unspecified vectors, which trigger an out-of-bounds memory write...
SUSE SLED12 / SLES12 Security Update : ntp (SUSE-SU-2017:1048-1)
This ntp update to version 4.2.8p10 fixes serveral issues. This updated enables leap smearing. See /usr/share/doc/packages/ntp/README.leapsmear for details. Security issues fixed bsc1030050 : - CVE-2017-6464: Denial of Service via Malformed Config - CVE-2017-6462: Buffer Overflow in DPTS Clock -...
SUSE-SU-2017:1047-1 Security update for ntp
This ntp update to version 4.2.8p10 fixes serveral issues. This updated enables leap smearing. See /usr/share/doc/packages/ntp/README.leapsmear for details. Security issues fixed bsc1030050: - CVE-2017-6464: Denial of Service via Malformed Config - CVE-2017-6462: Buffer Overflow in DPTS Clock -...
CVE-2017-6451
The mx4200send function in the legacy MX4200 refclock in NTP before 4.2.8p10 and 4.3.x before 4.3.94 does not properly handle the return value of the snprintf function, which allows local users to execute arbitrary code via unspecified vectors, which trigger an out-of-bounds memory write...