Page 21 of 106 results (0.005 seconds)

CVSS: 2.1EPSS: 0%CPEs: 25EXPL: 0

GNU glibc 2.3.4 before 2.3.4.20040619, 2.3.3 before 2.3.3.20040420, and 2.3.2 before 2.3.2-r10 does not restrict the use of LD_DEBUG for a setuid program, which allows local users to gain sensitive information, such as the list of symbols used by the program. • http://bugs.gentoo.org/show_bug.cgi?id=59526 http://secunia.com/advisories/12306 http://www.gentoo.org/security/en/glsa/glsa-200408-16.xml http://www.redhat.com/support/errata/RHSA-2005-256.html http://www.redhat.com/support/errata/RHSA-2005-261.html http://www.securityfocus.com/bid/10963 https://exchange.xforce.ibmcloud.com/vulnerabilities/17006 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10762 https://access.redhat.com/security/cve&#x •

CVSS: 2.1EPSS: 0%CPEs: 26EXPL: 0

The glibcbug script in glibc 2.3.4 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files, a different vulnerability than CVE-2004-0968. • http://marc.info/?l=bugtraq&m=109899903129801&w=2 http://www.debian.org/security/2005/dsa-636 http://www.mandriva.com/security/advisories?name=MDKSA-2004:159 http://www.redhat.com/support/errata/RHSA-2005-261.html https://access.redhat.com/security/cve/CVE-2004-1382 https://bugzilla.redhat.com/show_bug.cgi?id=1617410 •

CVSS: 2.1EPSS: 0%CPEs: 30EXPL: 0

The catchsegv script in glibc 2.3.2 and earlier allows local users to overwrite files via a symlink attack on temporary files. • http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136318 http://security.gentoo.org/glsa/glsa-200410-19.xml http://www.debian.org/security/2005/dsa-636 http://www.redhat.com/support/errata/RHSA-2004-586.html http://www.redhat.com/support/errata/RHSA-2005-261.html http://www.securityfocus.com/bid/11286 http://www.trustix.org/errata/2004/0050 https://exchange.xforce.ibmcloud.com/vulnerabilities/17583 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre. •

CVSS: 4.9EPSS: 0%CPEs: 18EXPL: 0

The getifaddrs function in GNU libc (glibc) 2.2.4 and earlier allows local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface. La función getifaddres en GNU libc (glibc) 2.2.4 y anteriores permite a usuarios locales causar una denegación de servicio enviando mensajes suplantando a otros usuarios al interfaz del kernel netlink. • http://www.redhat.com/support/errata/RHSA-2003-325.html http://www.redhat.com/support/errata/RHSA-2003-334.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11337 https://access.redhat.com/security/cve/CVE-2003-0859 https://bugzilla.redhat.com/show_bug.cgi?id=1617097 •

CVSS: 7.5EPSS: 96%CPEs: 165EXPL: 1

Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in length fields, a different vulnerability than CVE-2002-0391. Desbordamiento de entero en la función xdrmem_getbytes(), y posiblemente otras funciones, de librerias XDR (representación de datos externos) derivadas de SunRPC, incluyendo libnsl, libc y glibc permite a atacantes remotos ejecutar código arbitrario mediante ciertos valores enteros en campos de longitud. • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-008.txt.asc http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0140.html http://marc.info/?l=bugtraq&m=104810574423662&w=2 http://marc.info/?l=bugtraq&m=104811415301340&w=2 http://marc.info/?l=bugtraq&m=104860855114117&w=2 http://marc.info/?l=bugtraq&m=104878237121402&w=2 http://marc.info/? •