Page 21 of 143 results (0.013 seconds)

CVSS: 6.8EPSS: 0%CPEs: 27EXPL: 0

CVE-2013-4237 – glibc: Buffer overwrite when using readdir_r on file systems returning file names longer than NAME_MAX characters

https://notcve.org/view.php?id=CVE-2013-4237

sysdeps/posix/readdir_r.c in the GNU C Library (aka glibc or libc6) 2.18 and earlier allows context-dependent attackers to cause a denial of service (out-of-bounds write and crash) or possibly execute arbitrary code via a crafted (1) NTFS or (2) CIFS image. sysdeps/posix/readdir_r.c en GNU C Library (también conocido como glibc o libc6) 2.18 y anteriores permite a atacantes dependientes del contexto provocar una denegación de servicio (escritura fuera de límites y cuelgue) o posiblemente ejecutar código arbitrario a través de (1) NTFS o (2) una imagen CIFS manipulada. An out-of-bounds write flaw was found in the way the glibc's readdir_r() function handled file system entries longer than the NAME_MAX character constant. A remote attacker could provide a specially crafted NTFS or CIFS file system that, when processed by an application using readdir_r(), would cause that application to crash or, potentially, allow the attacker to execute arbitrary code with the privileges of the user running the application. • http://secunia.com/advisories/55113 http://www.mandriva.com/security/advisories?name=MDVSA-2013:283 http://www.openwall.com/lists/oss-security/2013/08/12/8 http://www.securityfocus.com/bid/61729 http://www.ubuntu.com/usn/USN-1991-1 https://bugzilla.redhat.com/show_bug.cgi?id=995839 https://security.gentoo.org/glsa/201503-04 https://sourceware.org/bugzilla/show_bug.cgi?id=14699 https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commitdiff%3Bh=91ce40854d0b7f865cf5024ef95a8026 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •

CVSS: 4.4EPSS: 0%CPEs: 28EXPL: 2

CVE-2013-4332 – glibc: three integer overflows in memory allocator

https://notcve.org/view.php?id=CVE-2013-4332

Multiple integer overflows in malloc/malloc.c in the GNU C Library (aka glibc or libc6) 2.18 and earlier allow context-dependent attackers to cause a denial of service (heap corruption) via a large value to the (1) pvalloc, (2) valloc, (3) posix_memalign, (4) memalign, or (5) aligned_alloc functions. Múltiples desbordamientos de enteros en malloc/malloc.c de GNU C Library (también conocida como glibc o libc6) 2.18 y anteriores versiones permite a atacantes dependientes del contexto provocar una denegación de servicio (corrupción de memoria dinámica) a través de un valor largo de funciones (1) pvalloc, (2) valloc, (3) posix_memalign, (4) memalign, o (5) aligned_alloc. Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in glibc's memory allocator functions (pvalloc, valloc, and memalign). If an application used such a function, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. • http://rhn.redhat.com/errata/RHSA-2013-1411.html http://rhn.redhat.com/errata/RHSA-2013-1605.html http://secunia.com/advisories/55113 http://www.mandriva.com/security/advisories?name=MDVSA-2013:283 http://www.mandriva.com/security/advisories?name=MDVSA-2013:284 http://www.openwall.com/lists/oss-security/2013/09/12/6 http://www.securityfocus.com/bid/62324 http://www.ubuntu.com/usn/USN-1991-1 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4332 https:// • CWE-189: Numeric Errors CWE-190: Integer Overflow or Wraparound •

CVSS: 4.3EPSS: 1%CPEs: 33EXPL: 1

CVE-2013-4122

https://notcve.org/view.php?id=CVE-2013-4122

Cyrus SASL 2.1.23, 2.1.26, and earlier does not properly handle when a NULL value is returned upon an error by the crypt function as implemented in glibc 2.17 and later, which allows remote attackers to cause a denial of service (thread crash and consumption) via (1) an invalid salt or, when FIPS-140 is enabled, a (2) DES or (3) MD5 encrypted password, which triggers a NULL pointer dereference. SASL de Cyrus, 2.1.23, 2.1.26 y anteriores no trabaja correctamente cuando un valor NULL se devuelve a un error de la función crypt como se aplica en glibc 2.17 y posteriores, lo que permite a atacantes remotos provocar una denegación de servicio (caída de hilo y el consumo) a través de una "salt" no válido o, cuando FIPS-140 está activado, a contraseñas cifradas con DES o MD5, lo que desencadena una referencia a un puntero NULL • http://git.cyrusimap.org/cyrus-sasl/commit/?id=dedad73e5e7a75d01a5f3d5a6702ab8ccd2ff40d http://security.gentoo.org/glsa/glsa-201309-01.xml http://www.debian.org/security/2015/dsa-3368 http://www.openwall.com/lists/oss-security/2013/07/12/3 http://www.openwall.com/lists/oss-security/2013/07/12/6 http://www.openwall.com/lists/oss-security/2013/07/13/1 http://www.openwall.com/lists/oss-security/2013/07/15/1 http://www.ubuntu.com/usn/USN-2755-1 https://www • CWE-189: Numeric Errors •

CVSS: 5.1EPSS: 1%CPEs: 28EXPL: 3

CVE-2013-4788 – glibc and eglibc 2.5/2.7/2.13 - Local Buffer Overflow

https://notcve.org/view.php?id=CVE-2013-4788

The PTR_MANGLE implementation in the GNU C Library (aka glibc or libc6) 2.4, 2.17, and earlier, and Embedded GLIBC (EGLIBC) does not initialize the random value for the pointer guard, which makes it easier for context-dependent attackers to control execution flow by leveraging a buffer-overflow vulnerability in an application and using the known zero value pointer guard to calculate a pointer address. La implementación PTR_MANGLE en la GNU C Library (librería también conocida como glibc o libc6) 2.4, 2.17 y versiones anteriores y Embedded GLIBC (EGLIBC) no inicia el valor aleatorio para la guardia de puntero, lo que facilita a atacantes dependientes del contexto controlar la ejecución de flujo aprovechando una vulnerabilidad de desbordamiento de búfer en una aplicación y utilizando el valor cero conocido guardia de puntero para calcular la dirección de puntero. • https://www.exploit-db.com/exploits/28657 http://hmarco.org/bugs/CVE-2013-4788.html http://seclists.org/fulldisclosure/2015/Sep/23 http://www.mandriva.com/security/advisories?name=MDVSA-2013:283 http://www.mandriva.com/security/advisories?name=MDVSA-2013:284 http://www.openwall.com/lists/oss-security/2013/07/15/9 http://www.securityfocus.com/bid/61183 https://security.gentoo.org/glsa/201503-04 • CWE-20: Improper Input Validation •

CVSS: 5.0EPSS: 16%CPEs: 36EXPL: 0

CVE-2013-1914 – glibc: Stack (frame) overflow in getaddrinfo() when processing entry mapping to long list of address structures

https://notcve.org/view.php?id=CVE-2013-1914

Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in GNU C Library (aka glibc or libc6) 2.17 and earlier allows remote attackers to cause a denial of service (crash) via a (1) hostname or (2) IP address that triggers a large number of domain conversion results. Desbordamiento de búfer basado en pila en la función getaddrinfo en sysdeps/posix/getaddrinfo.c en GNU C Library (tambien conocido como glibc o libc6) v2.17 y anteriores permite a atacantes remotos provocar una denegación de servicio (caída de la aplicación) a través de un (1) nombre de host o (2) una dirección IP que desencadenan un gran número de resultados en la conversión de dominio. It was found that getaddrinfo() did not limit the amount of stack memory used during name resolution. An attacker able to make an application resolve an attacker-controlled hostname or IP address could possibly cause the application to exhaust all stack memory and crash. Many Moxa devices suffer from command injection, cross site scripting, and outdated software vulnerabilities. • http://packetstormsecurity.com/files/164014/Moxa-Command-Injection-Cross-Site-Scripting-Vulnerable-Software.html http://rhn.redhat.com/errata/RHSA-2013-0769.html http://rhn.redhat.com/errata/RHSA-2013-1605.html http://seclists.org/fulldisclosure/2021/Sep/0 http://secunia.com/advisories/52817 http://secunia.com/advisories/55113 http://sourceware.org/bugzilla/show_bug.cgi?id=15330 http://sourceware.org/git/?p=glibc.git%3Ba=commitdiff%3Bh=1cef1b19089528db11f221e938f60b9b048945d7 http://www.mandriva • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •