CVE-2018-11236 – glibc: Integer overflow in stdlib/canonicalize.c on 32-bit architectures leading to stack-based buffer overflow
https://notcve.org/view.php?id=CVE-2018-11236
stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 and earlier, when processing very long pathname arguments to the realpath function, could encounter an integer overflow on 32-bit architectures, leading to a stack-based buffer overflow and, potentially, arbitrary code execution. stdlib/canonicalize.c en GNU C Library (también conocida como glibc o libc6), en versiones 2.27 y anteriores, al procesar argumentos con un nombre de ruta muy largo en la función realpath, podría encontrarse con un desbordamiento de enteros en arquitecturas de 32 bits. Esto podría desembocar en un desbordamiento de búfer basado en pila y en una potencial ejecución de código arbitrario. • http://www.securityfocus.com/bid/104255 https://access.redhat.com/errata/RHBA-2019:0327 https://access.redhat.com/errata/RHSA-2018:3092 https://security.netapp.com/advisory/ntap-20190329-0001 https://security.netapp.com/advisory/ntap-20190401-0001 https://sourceware.org/bugzilla/show_bug.cgi?id=22786 https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=5460617d1567657621107d895ee2dd83bc1f88f2 https://usn.ubuntu.com/4416-1 https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.h • CWE-121: Stack-based Buffer Overflow CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVE-2018-6485 – glibc: Integer overflow in posix_memalign in memalign functions
https://notcve.org/view.php?id=CVE-2018-6485
An integer overflow in the implementation of the posix_memalign in memalign functions in the GNU C Library (aka glibc or libc6) 2.26 and earlier could cause these functions to return a pointer to a heap area that is too small, potentially leading to heap corruption. Un desbordamiento de enteros en la implementación de posix_memalign en las funciones memalign en GNU C Library (también conocido como glibc o libc6) en versiones 2.26 y anteriores podría provocar que estas funciones devuelvan un puntero a un área de la memoria dinámica (heap) demasiado pequeña, pudiendo corromper el heap. • http://bugs.debian.org/878159 http://www.securityfocus.com/bid/102912 https://access.redhat.com/errata/RHBA-2019:0327 https://access.redhat.com/errata/RHSA-2018:3092 https://security.netapp.com/advisory/ntap-20190404-0003 https://sourceware.org/bugzilla/show_bug.cgi?id=22343 https://usn.ubuntu.com/4218-1 https://usn.ubuntu.com/4416-1 https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html https://access.redhat.com/security/cve/CVE-2018-6485 https:/ • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVE-2015-0235 – Exim ESMTP 4.80 - glibc gethostbyname Denial of Service
https://notcve.org/view.php?id=CVE-2015-0235
Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 function, aka "GHOST." Desbordamiento de buffer basado en memoria dinámica en la función __nss_hostname_digits_dots en glibc 2.2, y otras versiones 2.x anteriores a 2.18, permite a atacantes dependientes de contexto ejecutar código arbitrario a través de vectores relacionados con la funciín (1) gethostbyname o (2) gethostbyname2, también conocido como 'GHOST.' A heap-based buffer overflow was found in glibc's __nss_hostname_digits_dots() function, which is used by the gethostbyname() and gethostbyname2() glibc function calls. A remote attacker able to make an application call either of these functions could use this flaw to execute arbitrary code with the permissions of the user running the application. The industrial managed switch series 852 from WAGO is affected by multiple vulnerabilities such as old software components embedded in the firmware. • https://www.exploit-db.com/exploits/35951 https://www.exploit-db.com/exploits/36421 https://github.com/aaronfay/CVE-2015-0235-test https://github.com/makelinux/CVE-2015-0235-workaround https://github.com/sUbc0ol/CVE-2015-0235 https://github.com/mikesplain/CVE-2015-0235-cookbook https://github.com/tobyzxj/CVE-2015-0235 https://github.com/adherzog/ansible-CVE-2015-0235-GHOST http://blogs.sophos.com/2015/01/29/sophos-products-and-the-ghost-vulnerability-affecting-linux http:/ • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •