Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | |||
Test ID: | 1.3.6.1.4.1.25623.1.0.703169 |
Category: | Debian Local Security Checks |
Title: | Debian Security Advisory DSA 3169-1 (eglibc - security update) |
Summary: | Several vulnerabilities have been fixed;in eglibc, Debian's version of the GNU C library:;;CVE-2012-3406The vfprintf function in stdio-common/vfprintf.c in GNU C Library (aka;glibc) 2.5, 2.12, and probably other versions does not properly restrict;the use of the alloca function when allocating the SPECS array, which;allows context-dependent attackers to bypass the FORTIFY_SOURCE;format-string protection mechanism and cause a denial of service (crash);or possibly execute arbitrary code via a crafted format string using;positional parameters and a large number of format specifiers, a different;vulnerability than;CVE-2012-3404 and;CVE-2012-3405;.;;CVE-2013-7424;An invalid free flaw was found in glibc's getaddrinfo() function when used;with the AI_IDN flag. A remote attacker able to make an application call;this function could use this flaw to execute arbitrary code with the;permissions of the user running the application. Note that this flaw only;affected applications using glibc compiled with libidn support.;;CVE-2014-4043;The posix_spawn_file_actions_addopen function in glibc before 2.20 does not;copy its path argument in accordance with the POSIX specification, which;allows context-dependent attackers to trigger use-after-free;vulnerabilities.;;CVE-2014-9402;The getnetbyname function in glibc 2.21 or earlier will enter an infinite;loop if the DNS backend is activated in the system Name Service Switch;configuration, and the DNS resolver receives a positive answer while;processing the network name.;;CVE-2015-1472 /;CVE-2015-1473;Under certain conditions wscanf can allocate too little memory for the;to-be-scanned arguments and overflow the allocated buffer. The incorrect;use of '__libc_use_alloca (newsize)' caused a different (and weaker);policy to be enforced which could allow a denial of service attack. |
Description: | Summary: Several vulnerabilities have been fixed in eglibc, Debian's version of the GNU C library: CVE-2012-3406The vfprintf function in stdio-common/vfprintf.c in GNU C Library (aka glibc) 2.5, 2.12, and probably other versions does not properly restrict the use of the alloca function when allocating the SPECS array, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection mechanism and cause a denial of service (crash) or possibly execute arbitrary code via a crafted format string using positional parameters and a large number of format specifiers, a different vulnerability than CVE-2012-3404 and CVE-2012-3405 . CVE-2013-7424 An invalid free flaw was found in glibc's getaddrinfo() function when used with the AI_IDN flag. A remote attacker able to make an application call this function could use this flaw to execute arbitrary code with the permissions of the user running the application. Note that this flaw only affected applications using glibc compiled with libidn support. CVE-2014-4043 The posix_spawn_file_actions_addopen function in glibc before 2.20 does not copy its path argument in accordance with the POSIX specification, which allows context-dependent attackers to trigger use-after-free vulnerabilities. CVE-2014-9402 The getnetbyname function in glibc 2.21 or earlier will enter an infinite loop if the DNS backend is activated in the system Name Service Switch configuration, and the DNS resolver receives a positive answer while processing the network name. CVE-2015-1472 / CVE-2015-1473 Under certain conditions wscanf can allocate too little memory for the to-be-scanned arguments and overflow the allocated buffer. The incorrect use of '__libc_use_alloca (newsize)' caused a different (and weaker) policy to be enforced which could allow a denial of service attack. Affected Software/OS: eglibc on Debian Linux Solution: For the stable distribution (wheezy), these issues are fixed in version 2.13-38+deb7u8 of the eglibc package. For the unstable distribution (sid), all the above issues are fixed in version 2.19-15 of the glibc package. We recommend that you upgrade your eglibc packages. CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C |
Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2012-3404 https://security.gentoo.org/glsa/201503-04 http://www.openwall.com/lists/oss-security/2012/07/11/17 RedHat Security Advisories: RHSA-2012:1098 http://rhn.redhat.com/errata/RHSA-2012-1098.html RedHat Security Advisories: RHSA-2012:1200 http://rhn.redhat.com/errata/RHSA-2012-1200.html http://www.ubuntu.com/usn/USN-1589-1 Common Vulnerability Exposure (CVE) ID: CVE-2012-3405 Common Vulnerability Exposure (CVE) ID: CVE-2012-3406 RedHat Security Advisories: RHSA-2012:1097 http://rhn.redhat.com/errata/RHSA-2012-1097.html RedHat Security Advisories: RHSA-2012:1185 http://rhn.redhat.com/errata/RHSA-2012-1185.html Common Vulnerability Exposure (CVE) ID: CVE-2013-7424 BugTraq ID: 72710 http://www.securityfocus.com/bid/72710 http://www.openwall.com/lists/oss-security/2015/01/29/21 RedHat Security Advisories: RHSA-2015:1627 http://rhn.redhat.com/errata/RHSA-2015-1627.html Common Vulnerability Exposure (CVE) ID: CVE-2014-4043 BugTraq ID: 68006 http://www.securityfocus.com/bid/68006 Bugtraq: 20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series (Google Search) https://seclists.org/bugtraq/2019/Jun/14 Bugtraq: 20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X (Google Search) https://seclists.org/bugtraq/2019/Sep/7 http://seclists.org/fulldisclosure/2019/Jun/18 http://seclists.org/fulldisclosure/2019/Sep/7 http://www.mandriva.com/security/advisories?name=MDVSA-2014:152 http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html SuSE Security Announcement: openSUSE-SU-2015:1387 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00012.html XForce ISS Database: gnuclibrary-cve20144043-code-exec(93784) https://exchange.xforce.ibmcloud.com/vulnerabilities/93784 Common Vulnerability Exposure (CVE) ID: CVE-2014-9402 BugTraq ID: 71670 http://www.securityfocus.com/bid/71670 https://security.gentoo.org/glsa/201602-02 http://www.openwall.com/lists/oss-security/2014/12/18/1 RedHat Security Advisories: RHSA-2018:0805 https://access.redhat.com/errata/RHSA-2018:0805 SuSE Security Announcement: openSUSE-SU-2015:0351 (Google Search) http://lists.opensuse.org/opensuse-updates/2015-02/msg00089.html http://www.ubuntu.com/usn/USN-2519-1 Common Vulnerability Exposure (CVE) ID: CVE-2015-1472 BugTraq ID: 72428 http://www.securityfocus.com/bid/72428 https://sourceware.org/ml/libc-alpha/2015-02/msg00119.html http://openwall.com/lists/oss-security/2015/02/04/1 Common Vulnerability Exposure (CVE) ID: CVE-2015-1473 BugTraq ID: 72499 http://www.securityfocus.com/bid/72499 |
Copyright | Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net |
This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |