9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
GNU C Library is vulnerable to arbitrary code execution. A remote unauthenticated attacker could cause a buffer overflow during unescaping of user names with the ~ operator resulting in denial of service conditions and code execution attacks.
www.securityfocus.com/bid/101535
access.redhat.com/documentation/en-US/red_hat_enterprise_linux/7/html/7.5_release_notes/index.html
access.redhat.com/errata/RHSA-2018:0805
access.redhat.com/errata/RHSA-2018:1879
access.redhat.com/security/updates/classification/#moderate
bugzilla.redhat.com/show_bug.cgi?id=1348000
bugzilla.redhat.com/show_bug.cgi?id=1349962
bugzilla.redhat.com/show_bug.cgi?id=1349964
bugzilla.redhat.com/show_bug.cgi?id=1372305
bugzilla.redhat.com/show_bug.cgi?id=1398413
bugzilla.redhat.com/show_bug.cgi?id=1432085
bugzilla.redhat.com/show_bug.cgi?id=1435615
bugzilla.redhat.com/show_bug.cgi?id=1440250
bugzilla.redhat.com/show_bug.cgi?id=1443236
bugzilla.redhat.com/show_bug.cgi?id=1445644
bugzilla.redhat.com/show_bug.cgi?id=1445781
bugzilla.redhat.com/show_bug.cgi?id=1447556
bugzilla.redhat.com/show_bug.cgi?id=1448822
bugzilla.redhat.com/show_bug.cgi?id=1452034
bugzilla.redhat.com/show_bug.cgi?id=1463692
bugzilla.redhat.com/show_bug.cgi?id=1468807
bugzilla.redhat.com/show_bug.cgi?id=1471111
bugzilla.redhat.com/show_bug.cgi?id=1482988
bugzilla.redhat.com/show_bug.cgi?id=1484034
bugzilla.redhat.com/show_bug.cgi?id=1508895
bugzilla.redhat.com/show_bug.cgi?id=1527904
bugzilla.redhat.com/show_bug.cgi?id=1528418
bugzilla.redhat.com/show_bug.cgi?id=1529982
bugzilla.redhat.com/show_bug.cgi?id=677316
sourceware.org/bugzilla/show_bug.cgi?id=22332
sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=a159b53fa059947cc2548e3b0d5bdcf7b9630ba8
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P