21 matches found
Azure Linux 3.0 Security Update: glibc (CVE-2023-4911)
The version of glibc installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-4911 advisory. - A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBCTUNABLE...
EulerOS Virtualization 2.11.1 : glibc (EulerOS-SA-2024-1398)
According to the versions of the glibc packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulti...
CentOS 8 : glibc (CESA-2023:5455)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2023:5455 advisory. - A flaw was found in glibc. When the getaddrinfo function is called with the AFUNSPEC address family and the system is configured with no-aaaa mode vi...
A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so
A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBCTUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBCTUNABLES environment variables when launching binaries with SUID permission to execute code...
RHEL 8 : Red Hat Virtualization Host 4.4.z SP 1 (RHSA-2024:0033)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:0033 advisory. The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-nod...
Glibc Tunables Privilege Escalation CVE-2023-4911 (aka Looney Tunables)
A buffer overflow exists in the GNU C Library's dynamic loader ld.so while processing the GLIBCTUNABLES environment variable. This issue allows an local attacker to use maliciously crafted GLIBCTUNABLES when launching binaries with SUID permission to execute code in the context of the root user...
Updated glibc packages fix a security vulnerability
The updated packages fix a security vulnerability: A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBCTUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBCTUNABLES environment variables when...
Oracle Linux 8 : glibc (ELSA-2023-5455)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-5455 advisory. - CVE-2023-4527: Stack read overflow in getaddrinfo in no-aaa mode. - CVE-2023-4813: potential use-after-free in gaihinet RHEL-2435. Tenable has...
Oracle Linux 9 : glibc (ELSA-2023-12854)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-12854 advisory. 2.34-60.0.3 - CVE-2023-4911: tunables: Terminate immediately if end of input is reached Reviewed by: Jose E. Marchesi Tenable has extracted the preceding...
Rocky Linux 8 : glibc (RLSA-2023:5455)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:5455 advisory. - A flaw was found in glibc. When the getaddrinfo function is called with the AFUNSPEC address family and the system is configured with no-aaaa mode via...
Oracle Linux 9 : glibc (ELSA-2023-12850)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-12850 advisory. 2.34-60.0.3 - CVE-2023-4911: tunables: Terminate immediately if end of input is reached Reviewed by: Jose E. Marchesi Tenable has extracted the preceding...
GLSA-202310-03 : glibc: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202310-03 glibc: Multiple vulnerabilities - An issue was discovered in the GNU C Library glibc 2.36. When the syslog function is passed a crafted input string larger than 1024 bytes, it reads uninitialized memory from the heap and...
CVE-2023-4911
A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBCTUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBCTUNABLES environment variables when launching binaries with SUID permission to execute code...
Buffer overflow
A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBCTUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBCTUNABLES environment variables when launching binaries with SUID permission to execute code...
CVE-2023-4911 Glibc: buffer overflow in ld.so leading to privilege escalation
A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBCTUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBCTUNABLES environment variables when launching binaries with SUID permission to execute code...
CVE-2023-4911 Glibc: buffer overflow in ld.so leading to privilege escalation
A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBCTUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBCTUNABLES environment variables when launching binaries with SUID permission to execute code...
CVE-2023-4911 Glibc: buffer overflow in ld.so leading to privilege escalation
A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBCTUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBCTUNABLES environment variables when launching binaries with SUID permission to execute code...
CVE-2023-4911
A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBCTUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBCTUNABLES environment variables when launching binaries with SUID permission to execute code...
Nagios Plugins check_dhcp 2.0.1 - Arbitrary Option File Read
Nagios Plugins checkdhcp 2.0.1 - Arbitrary Option File Read ============================================= - Release date: 15.05.2014 - Discovered by: Dawid Golunski - Severity: Moderate ============================================= I. VULNERABILITY ------------------------- checkdhcp - Nagios...
dqs 3.2.7 local root exploit.
Subject: dqs 3.2.7 local root exploit. Hello. DESCRIPTION: I found a buffer overflow vunerability on the /usr/bin/dsh dqs 3.2.7 package. I really don't know if this bug was discovered already. if thats right, then sorry =. If a long line on the first argument is gived, the program gives a SIGSEGV...