SUSE CVE-2008-1391
Multiple integer overflows in libc in NetBSD 4.x, FreeBSD 6.x and 7.x, and probably other BSD and Apple Mac OS platforms allow context-dependent attackers to execute arbitrary code via large values of certain integer fields in the format argument to (1) the strfmon function in...
SUSE CVE-2009-4880
Multiple integer overflows in the strfmon implementation in the GNU C Library (aka glibc or libc6) 2.10.1 and earlier allow context-dependent attackers to cause a denial of service (memory consumption or application crash) via a crafted format string, as demonstrated by a crafted first argument to th...
SUSE CVE-2009-4881
Integer overflow in the __vstrfmon_l function in stdlib/strfmon_l.c in the strfmon implementation in the GNU C Library (aka glibc or libc6) before 2.10.1 allows context-dependent attackers to cause a denial of service (application crash) via a crafted format string, as demonstrated by the...
GNU glibc 2.x 'strfmon()' Function Integer Overflow Weakness
No description provided by source. source: http://www.securityfocus.com/bid/36443/info GNU glibc is prone to an integer-overflow weakness. An attacker can exploit this issue through other applications such as PHP to execute arbitrary code within the context of the affected application. Failed...
Multiple BSD Platforms - 'strfmon()' Function Integer Overflow Weakness
No description provided by source. source: http://www.securityfocus.com/bid/28479/info Multiple BSD platforms are prone to an integer-overflow weakness. An attacker can exploit this issue through other applications such as PHP to execute arbitrary code within the context of the affected...
SuSE9 Security Update : glibc (YOU Patch Number 12641)
Several security issues were fixed : - Integer overflow causing arbitrary code execution in ld.so --verify mode could be induced by a specially crafted binary. CVE-2010-0830 - The addmntent function would not escape the newline character properly, allowing the user to insert arbitrary newlines to...
CVE-2009-4881
Integer overflow in the __vstrfmon_l function in stdlib/strfmon_l.c in the strfmon implementation in the GNU C Library (aka glibc or libc6) before 2.10.1 allows context-dependent attackers to cause a denial of service (application crash) via a crafted format string, as demonstrated by the...
Integer overflow
Multiple integer overflows in the strfmon implementation in the GNU C Library (aka glibc or libc6) 2.10.1 and earlier allow context-dependent attackers to cause a denial of service (memory consumption or application crash) via a crafted format string, as demonstrated by a crafted first argument to th...
CVE-2009-4881
Integer overflow in the __vstrfmon_l function in stdlib/strfmon_l.c in the strfmon implementation in the GNU C Library (aka glibc or libc6) before 2.10.1 allows context-dependent attackers to cause a denial of service (application crash) via a crafted format string, as demonstrated by the...
Ubuntu Update for glibc, eglibc vulnerabilities USN-944-1
Ubuntu Update for Linux kernel vulnerabilities USN-944-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN9441.nasl 7965 2017-12-01 07:38:25Z santu $ Ubuntu Update for glibc, eglibc vulnerabilities USN-944-1 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH,...
[USN-944-1] GNU C Library vulnerabilities
=========================================================== Ubuntu Security Notice USN-944-1 May 25, 2010 glibc, eglibc vulnerabilities CVE-2008-1391, CVE-2010-0296, CVE-2010-0830 =========================================================== A security issue affects the following Ubuntu releases:...
USN-944-1: GNU C Library vulnerabilities
Maksymilian Arciemowicz discovered that the GNU C library did not correctly handle integer overflows in the strfmon function. If a user or automated system were tricked into processing a specially crafted format string, a remote attacker could crash applications, leading to a denial of service...
Multiple BSD and Linux systems strfmon() libc / glibc function integer overflow
Integer overflow on format specificator in strfmon. NULL pointer dereference in printf...
GNU glibc 2.x - 'strfmon()' Integer Overflow
source: https://www.securityfocus.com/bid/36443/info GNU glibc is prone to an integer-overflow weakness. An attacker can exploit this issue through other applications such as PHP to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a...
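Multiple BSD Platforms 'strfmon()' Function Integer Overflow Vulnerability
BUGTRAQ ID: 28479 CVE ID: CVE-2008-1391 CNCVE ID: CNCVE-20081391 An integer overflow exists in the handling of the 'strfmon' function on multiple BSD platforms, which may allow arbitrary code execution in the context of the affected application. Failed attempts can result in a denial of service. The problematic code is similar to the following: #include <monetary.h> ssize_t strfmon(char *restrict s, size_t maxsize, const char *restrict format, ...); - --- 1. /usr/src/lib/libc/stdlib/strfmon.c - Integer overflow...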
Re: [securityreason] *BSD libc (strfmon) Multiple vulnerabilities
On Mar 27, 2:09pm, [email protected] [email protected] wrote: -- Subject: securityreason BSD libc strfmon Multiple vulnerabilities ... stuff deleted ... | Problem exist also in printf function. | | Example code will show Integer Overflow . | | - ---example-start-- | include stdio.h | ...
DEBIAN-CVE-2008-1391
Multiple integer overflows in libc in NetBSD 4.x, FreeBSD 6.x and 7.x, and probably other BSD and Apple Mac OS platforms allow context-dependent attackers to execute arbitrary code via large values of certain integer fields in the format argument to (1) the strfmon function in...
CVE-2008-1391
Multiple integer overflows in libc in NetBSD 4.x, FreeBSD 6.x and 7.x, and probably other BSD and Apple Mac OS platforms allow context-dependent attackers to execute arbitrary code via large values of certain integer fields in the format argument to (1) the strfmon function in...
Integer overflow
Multiple integer overflows in libc in NetBSD 4.x, FreeBSD 6.x and 7.x, and probably other BSD and Apple Mac OS platforms allow context-dependent attackers to execute arbitrary code via large values of certain integer fields in the format argument to (1) the strfmon function in...
CVE-2008-1391
CVE-2008-1391 is an integer overflow in the GNU C Library (glibc) strfmon width specifier handling that may be triggered by an attacker who can control the format string passed to strfmon (and related to printf in some contexts). The connected Nessus/OpenVAS entries indicate this vulnerability wa...