
Test ID:
Category: SuSE Local Security Checks
Title: SUSE: Security Advisory (SUSE-SU-2014:1128-1)
Summary: The remote host is missing an update for the 'glibc' package(s) announced via the SUSE-SU-2014:1128-1 advisory.

Vulnerability Insight:
This glibc update fixes a critical privilege escalation problem and the following security and non-security issues:

* bnc#892073: An off-by-one error leading to a heap-based buffer overflow was found in __gconv_translit_find(). An exploit that targets the problem is publicly available. (CVE-2014-5119)
* bnc#882600: Copy filename argument in posix_spawn_file_actions_addopen. (CVE-2014-4043)
* bnc#860501: Use O_LARGEFILE for utmp file.
* bnc#842291: Fix typo in glibc-2.5-dlopen-lookup-race.diff.
* bnc#839870: Fix integer overflows in malloc. (CVE-2013-4332)
* bnc#834594: Fix readdir_r with long file names. (CVE-2013-4237)
* bnc#824639: Drop lock before calling malloc_printerr.
* bnc#801246: Fix buffer overrun in regexp matcher. (CVE-2013-0242)
* bnc#779320: Fix buffer overflow in strcoll. (CVE-2012-4412)
* bnc#894556 / bnc#894553: Fix crashes on invalid input in IBM gconv modules. (CVE-2014-6040, CVE-2012-6656, bnc#894553, bnc#894556, BZ#17325, BZ#14134)

Security Issues:

* CVE-2014-5119
* CVE-2014-4043
* CVE-2013-4332
* CVE-2013-4237
* CVE-2013-0242
* CVE-2012-4412

Affected Software/OS:
'glibc' package(s) on SUSE Linux Enterprise Server 10 SP3

Please install the updated package(s).

CVSS Score:

CVSS Vector:

Cross-Ref:
Common Vulnerability Exposure (CVE) ID: CVE-2012-4412
Bugtraq: 20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series
Common Vulnerability Exposure (CVE) ID: CVE-2012-6656
BugTraq ID: 69472
Debian Security Information: DSA-3142
Common Vulnerability Exposure (CVE) ID: CVE-2013-0242
BugTraq ID: 57638
RedHat Security Advisories: RHSA-2013:0769
RedHat Security Advisories: RHSA-2013:1605
XForce ISS Database: glibc-extendbuffers-dos(81707)
Common Vulnerability Exposure (CVE) ID: CVE-2013-4237
BugTraq ID: 61729
Common Vulnerability Exposure (CVE) ID: CVE-2013-4332
BugTraq ID: 62324
RedHat Security Advisories: RHSA-2013:1411
Common Vulnerability Exposure (CVE) ID: CVE-2014-4043
BugTraq ID: 68006
Bugtraq: 20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X
SuSE Security Announcement: openSUSE-SU-2015:1387
XForce ISS Database: gnuclibrary-cve20144043-code-exec(93784)
Common Vulnerability Exposure (CVE) ID: CVE-2014-5119
BugTraq ID: 68983
BugTraq ID: 69738
Cisco Security Advisory: 20140910 Cisco Unified Communications Manager glibc Arbitrary Code Execution Vulnerability
Debian Security Information: DSA-3012
RedHat Security Advisories: RHSA-2014:1110
RedHat Security Advisories: RHSA-2014:1118
SuSE Security Announcement: SUSE-SU-2014:1125
Common Vulnerability Exposure (CVE) ID: CVE-2014-6040
Copyright: Copyright (C) 2021 Greenbone Networks GmbH


© 1998-2021 E-Soft Inc. All rights reserved.