what you don't know can hurt you
Showing 1 - 9 of 9 RSS Feed

CVE-2015-8779

Status Candidate

Overview

Stack-based buffer overflow in the catopen function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long catalog name.

Related Files

Cisco Device Hardcoded Credentials / GNU glibc / BusyBox
Posted Sep 4, 2019
Authored by T. Weber | Site sec-consult.com

Many Cisco devices such as Cisco RV340, Cisco RV340W, Cisco RV345, Cisco RV345P, Cisco RV260, Cisco RV260P, Cisco RV260W, Cisco 160, and Cisco 160W suffer from having hard-coded credentials, known GNU glibc, known BusyBox, and IoT Inspector identified vulnerabilities.

tags | exploit, vulnerability
systems | cisco
advisories | CVE-2014-4043, CVE-2014-9402, CVE-2014-9761, CVE-2014-9984, CVE-2015-1472, CVE-2015-5277, CVE-2015-7547, CVE-2015-8778, CVE-2015-8779, CVE-2015-9261, CVE-2016-2147, CVE-2016-2148, CVE-2016-6301, CVE-2017-1000366, CVE-2017-16544, CVE-2018-20679, CVE-2019-5747
MD5 | c446ad84eeb90a116264677ada159562
Red Hat Security Advisory 2017-1916-01
Posted Aug 2, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1916-01 - The glibc packages provide the standard C libraries, POSIX thread libraries, standard math libraries, and the name service cache daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fix: A stack overflow vulnerability was found in nan* functions that could cause applications, which process long strings with the nan function, to crash or, potentially, execute arbitrary code.

tags | advisory, overflow, arbitrary
systems | linux, redhat, osx
advisories | CVE-2014-9761, CVE-2015-8776, CVE-2015-8777, CVE-2015-8778, CVE-2015-8779
MD5 | fb9dfc8a0c17eb7425413e38d3339afa
Red Hat Security Advisory 2017-0680-01
Posted Mar 21, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0680-01 - The glibc packages provide the standard C libraries, POSIX thread libraries, standard math libraries, and the name service cache daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fix: A stack overflow vulnerability was found in nan* functions that could cause applications, which process long strings with the nan function, to crash or, potentially, execute arbitrary code.

tags | advisory, overflow, arbitrary
systems | linux, redhat, osx
advisories | CVE-2014-9761, CVE-2015-8776, CVE-2015-8778, CVE-2015-8779
MD5 | 1ecabbc72c7b60a99fde956929c63e70
Gentoo Linux Security Advisory 201702-11
Posted Feb 20, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201702-11 - Multiple vulnerabilities have been found in the GNU C Library, the worst of which allows context-dependent attackers to execute arbitrary code. Versions less than 2.23-r3 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2014-9761, CVE-2015-5277, CVE-2015-8776, CVE-2015-8777, CVE-2015-8778, CVE-2015-8779, CVE-2016-1234, CVE-2016-3075
MD5 | ed46a9427d20949b26d924285b2efac6
Ubuntu Security Notice USN-2985-2
Posted May 26, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2985-2 - USN-2985-1 fixed vulnerabilities in the GNU C Library. The fix for CVE-2014-9761 introduced a regression which affected applications that use the libm library but were not fully restarted after the upgrade. This update removes the fix for CVE-2014-9761 and a future update will be provided to address this issue. Various other issues were also addressed.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2014-8121, CVE-2014-9761, CVE-2015-1781, CVE-2015-5277, CVE-2015-8776, CVE-2015-8777, CVE-2015-8778, CVE-2015-8779, CVE-2016-3075
MD5 | bc09346c98299cdd5f4ba8c06147a6da
Gentoo Linux Security Advisory 201602-02
Posted Feb 17, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201602-2 - Multiple vulnerabilities have been found in the GNU C library, the worst allowing for remote execution of arbitrary code. Versions less than 2.21-r2 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2013-7423, CVE-2014-0475, CVE-2014-5119, CVE-2014-6040, CVE-2014-7817, CVE-2014-8121, CVE-2014-9402, CVE-2015-1472, CVE-2015-1781, CVE-2015-7547, CVE-2015-8776, CVE-2015-8778, CVE-2015-8779
MD5 | 4ae3105bd8ed710ad3f2ffe994f6efdc
Debian Security Advisory 3481-1
Posted Feb 17, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3481-1 - Several vulnerabilities have been fixed in the GNU C Library, glibc.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2015-7547, CVE-2015-8776, CVE-2015-8778, CVE-2015-8779
MD5 | 9034fad1da543864be639b431070c950
Debian Security Advisory 3480-1
Posted Feb 16, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3480-1 - Several vulnerabilities have been fixed in the GNU C Library, eglibc.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2014-8121, CVE-2015-1781, CVE-2015-7547, CVE-2015-8776, CVE-2015-8777, CVE-2015-8778, CVE-2015-8779
MD5 | 83aa6b02df0a111f7a201c0d5e2cb54e
Ubuntu Security Notice USN-2985-1
Posted May 26, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2985-1 - Martin Carpenter discovered that pt_chown in the GNU C Library did not properly check permissions for tty files. A local attacker could use this to gain administrative privileges or expose sensitive information. Robin Hack discovered that the Name Service Switch (NSS) implementation in the GNU C Library did not properly manage its file descriptors. An attacker could use this to cause a denial of service (infinite loop). Various other issues were also addressed.

tags | advisory, denial of service, local
systems | linux, ubuntu
advisories | CVE-2013-2207, CVE-2014-8121, CVE-2014-9761, CVE-2015-1781, CVE-2015-5277, CVE-2015-8776, CVE-2015-8777, CVE-2015-8778, CVE-2015-8779, CVE-2016-2856, CVE-2016-3075
MD5 | 3f2df4217b9adccdba110c883117f6d0
Page 1 of 1
Back1Next

File Archive:

December 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    1 Files
  • 2
    Dec 2nd
    16 Files
  • 3
    Dec 3rd
    17 Files
  • 4
    Dec 4th
    23 Files
  • 5
    Dec 5th
    11 Files
  • 6
    Dec 6th
    6 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close