The industrial managed switch series 852 from WAGO is affected by multiple vulnerabilities such as old software components embedded in the firmware. Furthermore, hardcoded password hashes and credentials were also found by doing an automated scan with IoT Inspector.
5c8f473ce950d3d7fc4a502cd31cbb68d69766f0ee3d50da6ac20921262a4c65Red Hat Security Advisory 2012-0125-01 - The glibc packages contain the standard C libraries used by multiple programs on the system. These packages contain the standard C and the standard math libraries. Without these two libraries, a Linux system cannot function properly. An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way the glibc library read timezone files. If a carefully-crafted timezone file was loaded by an application linked against glibc, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application.
b6e05a59af39b290a68a9fe97a9154b04697ee0e444b07fea716715d9493bda2VMware Security Advisory 2011-0012 - VMware ESXi and ESX updates to third party libraries and ESX Service Console address several security issues.
7fd5e9259774393a258a0c189d667e06ba833c9fb8b0cd11fa8fb35727aecafaGentoo Linux Security Advisory 201011-1 - Multiple vulnerabilities were found in glibc, the worst of which allowing local attackers to execute arbitrary code as root. Multiple vulnerabilities were found in glibc, amongst others the widely-known recent LD_AUDIT and $ORIGIN issues. For further information please consult the CVE entries referenced below. Versions less than 2.11.2-r3 are affected.
e7fd1080a732debd69f8864702d36b5571373a61bee34c47c11be74bc1e37420Debian Linux Security Advisory 2058-1 - Several vulnerabilities have been discovered in the GNU C Library (aka glibc) and its derivatives.
a3e6451fc8bc3981f5bacfe1586c02bc17698e70155ea54426f4c30b9fb42d4bMandriva Linux Security Advisory 2010-112 - Multiple vulnerabilities was discovered and fixed in glibc. The updated packages have been patched to correct these issues.
1539ef48affa2bdd4ff1fbcb10baca165eb4383531035668c0ec1d1d3f31e4c6Mandriva Linux Security Advisory 2010-111 - Multiple vulnerabilities was discovered and fixed in glibc. The updated packages have been patched to correct these issues.
b67df34d081ca3c40a950f5fc06c07bbc5bc25a1e0a4984f6007c19901456d83Ubuntu Security Notice 944-1 - Maksymilian Arciemowicz discovered that the GNU C library did not correctly handle integer overflows in the strfmon function. If a user or automated system were tricked into processing a specially crafted format string, a remote attacker could crash applications, leading to a denial of service. (Ubuntu 10.04 was not affected.) Jeff Layton and Dan Rosenberg discovered that the GNU C library did not correctly handle newlines in the mntent family of functions. If a local attacker were able to inject newlines into a mount entry through other vulnerable mount helpers, they could disrupt the system or possibly gain root privileges. Dan Rosenberg discovered that the GNU C library did not correctly validate certain ELF program headers. If a user or automated system were tricked into verifying a specially crafted ELF program, a remote attacker could execute arbitrary code with user privileges.
3912a2ecbd425f205230279f33dba703af4f372c3f17130c8ea1d9cf79a904f4
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Subscribe to an RSS Feed