Many Cisco devices such as Cisco RV340, Cisco RV340W, Cisco RV345, Cisco RV345P, Cisco RV260, Cisco RV260P, Cisco RV260W, Cisco 160, and Cisco 160W suffer from having hard-coded credentials, known GNU glibc, known BusyBox, and IoT Inspector identified vulnerabilities.
c446ad84eeb90a116264677ada159562The industrial managed switch series 852 from WAGO is affected by multiple vulnerabilities such as old software components embedded in the firmware. Furthermore, hardcoded password hashes and credentials were also found by doing an automated scan with IoT Inspector.
a09f936638884fd22851a65866810badMandriva Linux Security Advisory 2015-168 - Updated glibc packages fix multiple security vulnerabilities.
b7bc646306e46a1f68447be66b599961Gentoo Linux Security Advisory 201503-4 - Multiple vulnerabilities have been found in GNU C Library, the worst of which allowing a local attacker to execute arbitrary code or cause a Denial of Service. Versions less than 2.19-r1 are affected.
f85fc2ac92288c38034eb6f805166308Debian Linux Security Advisory 3169-1 - Several vulnerabilities have been fixed in eglibc, Debian's version of the GNU C library.
4db927bf38478ac3ca12626d9dbf18eeSlackware Security Advisory - New glibc packages are available for Slackware 14.1 and -current to fix security issues.
cb4f932fa481526a80b99676e459f3f5Ubuntu Security Notice 2306-3 - USN-2306-1 fixed vulnerabilities in the GNU C Library. On Ubuntu 10.04 LTS, the fix for CVE-2013-4357 introduced a memory leak in getaddrinfo. This update fixes the problem. Maksymilian Arciemowicz discovered that the GNU C Library incorrectly handled the getaddrinfo() function. An attacker could use this issue to cause a denial of service. This issue only affected Ubuntu 10.04 LTS. It was discovered that the GNU C Library incorrectly handled the getaddrinfo() function. An attacker could use this issue to cause a denial of service. This issue only affected Ubuntu 10.04 LTS and Ubuntu 12.04 LTS. Stephane Chazelas discovered that the GNU C Library incorrectly handled locale environment variables. An attacker could use this issue to possibly bypass certain restrictions such as the ForceCommand restrictions in OpenSSH. David Reid, Glyph Lefkowitz, and Alex Gaynor discovered that the GNU C Library incorrectly handled posix_spawn_file_actions_addopen() path arguments. An attacker could use this issue to cause a denial of service. Various other issues were also addressed.
7ee5d196174da9ef3887b78945a08eefMandriva Linux Security Advisory 2014-152 - Updated glibc packages fix various security issues.
ba4ab5ac9e1ceab4b108a88939d64a6bUbuntu Security Notice 2306-2 - USN-2306-1 fixed vulnerabilities in the GNU C Library. On Ubuntu 10.04 LTS, the security update cause a regression in certain environments that use the Name Service Caching Daemon (nscd), such as those configured for LDAP or MySQL authentication. In these environments, the nscd daemon may need to be stopped manually for name resolution to resume working so that updates can be downloaded, including environments configured for unattended updates. Various other issues were also addressed.
9ea9f20931ab38878091da4a533d94e7Ubuntu Security Notice 2306-1 - Maksymilian Arciemowicz discovered that the GNU C Library incorrectly handled the getaddrinfo() function. An attacker could use this issue to cause a denial of service. This issue only affected Ubuntu 10.04 LTS. It was discovered that the GNU C Library incorrectly handled the getaddrinfo() function. An attacker could use this issue to cause a denial of service. This issue only affected Ubuntu 10.04 LTS and Ubuntu 12.04 LTS. Various other issues were also addressed.
579fa5c25c72e2ab3f95731313197a97
© 2016 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed