Test ID:
Category: SuSE Local Security Checks
Title: SUSE: Security Advisory (SUSE-SU-2014:1122-1)
Summary: The remote host is missing an update for the 'glibc' package(s) announced via the SUSE-SU-2014:1122-1 advisory.

Vulnerability Insight:
This glibc update fixes a critical privilege escalation vulnerability and the following security and non-security issues:

* bnc#892073: An off-by-one error leading to a heap-based buffer overflow was found in __gconv_translit_find(). An exploit that targets the problem is publicly available. (CVE-2014-5119)
* bnc#886416: Avoid redundant shift character in iconv output at block
* bnc#883022: Initialize errcode in sysdeps/unix/opendir.c.
* bnc#882600: Copy filename argument in posix_spawn_file_actions_addopen. (CVE-2014-4043)
* bnc#864081: Take lock in pthread_cond_wait cleanup handler only when
* bnc#843735: Don't crash on unresolved weak symbol reference.
* bnc#839870: Fix integer overflows in malloc. (CVE-2013-4332)
* bnc#836746: Avoid race between {,__de}allocate_stack and __reclaim_stacks during fork.
* bnc#834594: Fix readdir_r with long file names. (CVE-2013-4237)
* bnc#830268: Initialize pointer guard also in static executables.
* bnc#801246: Fix buffer overrun in regexp matcher. (CVE-2013-0242)
* bnc#779320: Fix buffer overflow in strcoll. (CVE-2012-4412)
* bnc#750741: Use absolute timeout in x86 pthread_cond_timedwait.

Security Issues:

* CVE-2014-5119
* CVE-2014-4043
* CVE-2012-4412
* CVE-2013-0242
* CVE-2013-4788
* CVE-2013-4237
* CVE-2013-4332

Affected Software/OS:
'glibc' package(s) on SUSE Linux Enterprise Server 11 SP1

Please install the updated package(s).

CVSS Score:

CVSS Vector:

Cross-Ref:
Common Vulnerability Exposure (CVE) ID: CVE-2012-4412
Bugtraq: 20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series
Common Vulnerability Exposure (CVE) ID: CVE-2013-0242
BugTraq ID: 57638
RedHat Security Advisories: RHSA-2013:0769
RedHat Security Advisories: RHSA-2013:1605
XForce ISS Database: glibc-extendbuffers-dos(81707)
Common Vulnerability Exposure (CVE) ID: CVE-2013-4237
BugTraq ID: 61729
Common Vulnerability Exposure (CVE) ID: CVE-2013-4332
BugTraq ID: 62324
RedHat Security Advisories: RHSA-2013:1411
Common Vulnerability Exposure (CVE) ID: CVE-2013-4788
BugTraq ID: 61183
Common Vulnerability Exposure (CVE) ID: CVE-2014-4043
BugTraq ID: 68006
Bugtraq: 20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X
SuSE Security Announcement: openSUSE-SU-2015:1387
XForce ISS Database: gnuclibrary-cve20144043-code-exec(93784)
Common Vulnerability Exposure (CVE) ID: CVE-2014-5119
BugTraq ID: 68983
BugTraq ID: 69738
Cisco Security Advisory: 20140910 Cisco Unified Communications Manager glibc Arbitrary Code Execution Vulnerability
Debian Security Information: DSA-3012
RedHat Security Advisories: RHSA-2014:1110
RedHat Security Advisories: RHSA-2014:1118
SuSE Security Announcement: SUSE-SU-2014:1125
Copyright: Copyright (C) 2021 Greenbone Networks GmbH

© 1998-2021 E-Soft Inc. All rights reserved.