Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2009-5029
HistoryDec 19, 2011 - 12:00 a.m.

CVE-2009-5029

2011-12-1900:00:00
ubuntu.com
ubuntu.com
8

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.008 Low

EPSS

Percentile

81.9%

JSON

Integer overflow in the __tzfile_read function in glibc before 2.15 allows
context-dependent attackers to cause a denial of service (crash) and
possibly execute arbitrary code via a crafted timezone (TZ) file, as
demonstrated using vsftpd.

Bugs

Notes

Author Note
mdeslaur see upstream bug for possible typo in commit
sbeattie lucid also needs stdint.h included to get SIZE_MAX
jdstrand patch in patches/any/cvs-tzfile.diff on precise
OSVersionArchitecturePackageVersionFilename
ubuntu10.04noarcheglibc< 2.11.1-0ubuntu7.10UNKNOWN
ubuntu10.10noarcheglibc< 2.12.1-0ubuntu10.4UNKNOWN
ubuntu11.04noarcheglibc< 2.13-0ubuntu13.1UNKNOWN
ubuntu11.10noarcheglibc< 2.13-20ubuntu5.1UNKNOWN
ubuntu8.04noarchglibc< 2.7-10ubuntu8.1UNKNOWN

Related

nessus 29
fedora 1
openvas 31
suse 4
slackware 1
debiancve 1
prion 1
veracode 1
cve 1
amazon 1
redhat 5
oraclelinux 3
centos 3
gentoo 1
securityvulns 2
ubuntu 1
vmware 4
nessus
nessus
SuSE 10 Security Update : glibc (ZYPP Patch Number 7896)
2012-01-05 00:00:00
openSUSE Security Update : glibc (openSUSE-2012-32)
2014-06-13 00:00:00
Slackware 13.1 / 13.37 / current : glibc (SSA:2012-041-03)
2012-02-13 00:00:00
fedora
fedora
[SECURITY] Fedora 15 Update: glibc-2.14.1-5
2012-01-17 20:24:50
openvas
openvas
Fedora Update for glibc FEDORA-2012-0018
2012-01-20 00:00:00
SUSE: Security Advisory (SUSE-SU-2012:0033-1)
2021-06-09 00:00:00
Fedora Update for glibc FEDORA-2012-0018
2012-01-20 00:00:00
suse
suse
Security update for glibc (important)
2012-01-05 12:25:46
glibc (important)
2012-01-05 19:08:22
Security update for glibc (important)
2012-01-05 12:08:52
slackware
slackware
[slackware-security] glibc
2012-02-10 17:44:30
debiancve
debiancve
CVE-2009-5029
2013-05-02 14:55:00
prion
prion
Integer overflow
2013-05-02 14:55:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 01:10:28
cve
cve
CVE-2009-5029
2013-05-02 14:55:00
amazon
amazon
Medium: glibc
2012-02-02 14:26:00
redhat
redhat
(RHSA-2012:0058) Moderate: glibc security and bug fix update
2012-01-24 00:00:00
(RHSA-2012:0126) Moderate: glibc security update
2012-02-13 00:00:00
(RHSA-2012:0109) Important: rhev-hypervisor6 security and bug fix update
2012-02-15 00:00:00
oraclelinux
oraclelinux
glibc security and bug fix update
2012-01-24 00:00:00
glibc security update
2012-02-13 00:00:00
glibc security and bug fix update
2012-02-13 00:00:00
centos
centos
glibc, nscd security update
2012-01-30 20:26:30
glibc, nscd security update
2012-02-14 03:06:54
glibc, nptl, nscd security update
2012-02-14 02:09:08
gentoo
gentoo
GNU C Library: Multiple vulnerabilities
2013-12-03 00:00:00
securityvulns
securityvulns
[USN-1396-1] GNU C Library vulnerabilities
2012-03-10 00:00:00
VMSA-2012-0018 VMware security updates for vCSA and ESXi
2013-01-02 00:00:00
ubuntu
ubuntu
GNU C Library vulnerabilities
2012-03-09 00:00:00
vmware
vmware
VMware security updates for vCSA, vCenter Server, and ESXi
2012-12-20 00:00:00
VMware security updates for vCSA, vCenter Server, and ESXi
2012-12-20 00:00:00
VMware vSphere and vCOps updates to third party libraries
2012-08-30 00:00:00

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.008 Low

EPSS

Percentile

81.9%

JSON
Related for UB:CVE-2009-5029
nessus29fedora1openvas31suse4slackware1debiancve1prion1veracode1cve1amazon1redhat5oraclelinux3centos3gentoo1securityvulns2ubuntu1vmware4