Search Results
- Results Type: Overview
- Keyword (text search): GNU C Library
- Search Type: Search All
- CPE Name Search: false
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2009-5064 | ldd in the GNU C Library (aka glibc or libc6) 2.13 and earlier allows local users to gain privileges via a Trojan horse executable file linked with a modified loader that omits certain LD_TRACE_LOADED_OBJECTS checks. NOTE: the GNU C Library vendor states "This is just nonsense. There are a gazillion other ways to introduce code if people are downloading arbitrary binaries and install them in appropriate directories or set LD_LIBRARY_PATH etc." Published: March 30, 2011; 6:55:01 PM -0400 | V3.x:(not available) V2.0: 6.9 MEDIUM |
CVE-2010-4756 | The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632. Published: March 02, 2011; 3:00:01 PM -0500 | V3.x:(not available) V2.0: 4.0 MEDIUM |
CVE-2010-4052 | Stack consumption vulnerability in the regcomp implementation in the GNU C Library (aka glibc or libc6) through 2.11.3, and 2.12.x through 2.12.2, allows context-dependent attackers to cause a denial of service (resource exhaustion) via a regular expression containing adjacent repetition operators, as demonstrated by a {10,}{10,}{10,}{10,} sequence in the proftpd.gnu.c exploit for ProFTPD. Published: January 13, 2011; 2:00:02 PM -0500 | V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2010-4051 | The regcomp implementation in the GNU C Library (aka glibc or libc6) through 2.11.3, and 2.12.x through 2.12.2, allows context-dependent attackers to cause a denial of service (application crash) via a regular expression containing adjacent bounded repetitions that bypass the intended RE_DUP_MAX limitation, as demonstrated by a {10,}{10,}{10,}{10,}{10,} sequence in the proftpd.gnu.c exploit for ProFTPD, related to a "RE_DUP_MAX overflow." Published: January 13, 2011; 2:00:02 PM -0500 | V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2010-3856 | ld.so in the GNU C Library (aka glibc or libc6) before 2.11.3, and 2.12.x before 2.12.2, does not properly restrict use of the LD_AUDIT environment variable to reference dynamic shared objects (DSOs) as audit objects, which allows local users to gain privileges by leveraging an unsafe DSO located in a trusted library directory, as demonstrated by libpcprofile.so. Published: January 07, 2011; 2:00:17 PM -0500 | V3.x:(not available) V2.0: 7.2 HIGH |
CVE-2010-3847 | elf/dl-load.c in ld.so in the GNU C Library (aka glibc or libc6) through 2.11.2, and 2.12.x through 2.12.1, does not properly handle a value of $ORIGIN for the LD_AUDIT environment variable, which allows local users to gain privileges via a crafted dynamic shared object (DSO) located in an arbitrary directory. Published: January 07, 2011; 2:00:17 PM -0500 | V3.x:(not available) V2.0: 6.9 MEDIUM |
CVE-2010-3999 | gnc-test-env in GnuCash 2.3.15 and earlier places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. Published: November 05, 2010; 1:00:03 PM -0400 | V3.x:(not available) V2.0: 6.9 MEDIUM |
CVE-2010-3192 | Certain run-time memory protection mechanisms in the GNU C Library (aka glibc or libc6) print argv[0] and backtrace information, which might allow context-dependent attackers to obtain sensitive information from process memory by executing an incorrect program, as demonstrated by a setuid program that contains a stack-based buffer overflow error, related to the __fortify_fail function in debug/fortify_fail.c, and the __stack_chk_fail (aka stack protection) and __chk_fail (aka FORTIFY_SOURCE) implementations. Published: October 14, 2010; 1:58:06 AM -0400 | V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2010-2953 | Untrusted search path vulnerability in a certain Debian GNU/Linux patch for the couchdb script in CouchDB 0.8.0 allows local users to gain privileges via a crafted shared library in the current working directory. Published: September 14, 2010; 3:00:01 PM -0400 | V3.x:(not available) V2.0: 6.9 MEDIUM |
CVE-2010-2898 | Google Chrome before 5.0.375.125 does not properly mitigate an unspecified flaw in the GNU C Library, which has unknown impact and attack vectors. Published: July 28, 2010; 4:00:10 PM -0400 | V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2010-0830 | Integer signedness error in the elf_get_dynamic_info function in elf/dynamic-link.h in ld.so in the GNU C Library (aka glibc or libc6) 2.0.1 through 2.11.1, when the --verify option is used, allows user-assisted remote attackers to execute arbitrary code via a crafted ELF program with a negative value for a certain d_tag structure member in the ELF header. Published: June 01, 2010; 4:30:02 PM -0400 | V3.x:(not available) V2.0: 5.1 MEDIUM |
CVE-2010-0296 | The encode_name macro in misc/mntent_r.c in the GNU C Library (aka glibc or libc6) 2.11.1 and earlier, as used by ncpmount and mount.cifs, does not properly handle newline characters in mountpoint names, which allows local users to cause a denial of service (mtab corruption), or possibly modify mount options and gain privileges, via a crafted mount request. Published: June 01, 2010; 4:30:02 PM -0400 | V3.x:(not available) V2.0: 7.2 HIGH |
CVE-2009-4881 | Integer overflow in the __vstrfmon_l function in stdlib/strfmon_l.c in the strfmon implementation in the GNU C Library (aka glibc or libc6) before 2.10.1 allows context-dependent attackers to cause a denial of service (application crash) via a crafted format string, as demonstrated by the %99999999999999999999n string, a related issue to CVE-2008-1391. Published: June 01, 2010; 4:30:02 PM -0400 | V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2009-4880 | Multiple integer overflows in the strfmon implementation in the GNU C Library (aka glibc or libc6) 2.10.1 and earlier allow context-dependent attackers to cause a denial of service (memory consumption or application crash) via a crafted format string, as demonstrated by a crafted first argument to the money_format function in PHP, a related issue to CVE-2008-1391. Published: June 01, 2010; 4:30:02 PM -0400 | V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2010-0731 | The gnutls_x509_crt_get_serial function in the GnuTLS library before 1.2.1, when running on big-endian, 64-bit platforms, calls the asn1_read_value with a pointer to the wrong data type and the wrong length value, which allows remote attackers to bypass the certificate revocation list (CRL) check and cause a stack-based buffer overflow via a crafted X.509 certificate, related to extraction of a serial number. Published: March 26, 2010; 2:30:00 PM -0400 | V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2010-0015 | nis/nss_nis/nis-pwd.c in the GNU C Library (aka glibc or libc6) 2.7 and Embedded GLIBC (EGLIBC) 2.10.2 adds information from the passwd.adjunct.byname map to entries in the passwd map, which allows remote attackers to obtain the encrypted passwords of NIS accounts by calling the getpwnam function. Published: January 14, 2010; 1:30:00 PM -0500 | V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2009-2409 | The Network Security Services (NSS) library before 3.12.3, as used in Firefox; GnuTLS before 2.6.4 and 2.7.4; OpenSSL 0.9.8 through 0.9.8k; and other products support MD2 with X.509 certificates, which might allow remote attackers to spoof certificates by using MD2 design flaws to generate a hash collision in less than brute-force time. NOTE: the scope of this issue is currently limited because the amount of computation required is still large. Published: July 30, 2009; 3:30:00 PM -0400 | V3.x:(not available) V2.0: 5.1 MEDIUM |
CVE-2008-4551 | strongSwan 4.2.6 and earlier allows remote attackers to cause a denial of service (daemon crash) via an IKE_SA_INIT message with a large number of NULL values in a Key Exchange payload, which triggers a NULL pointer dereference for the return value of the mpz_export function in the GNU Multiprecision Library (GMP). Published: October 14, 2008; 4:00:01 PM -0400 | V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2007-6613 | Stack-based buffer overflow in the print_iso9660_recurse function in iso-info (src/iso-info.c) in GNU Compact Disc Input and Control Library (libcdio) 0.79 and earlier allows context-dependent attackers to cause a denial of service (core dump) and possibly execute arbitrary code via a disk or image that contains a long Joliet file name. Published: January 03, 2008; 5:46:00 PM -0500 | V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2006-0645 | Tiny ASN.1 Library (libtasn1) before 0.2.18, as used by (1) GnuTLS 1.2.x before 1.2.10 and 1.3.x before 1.3.4, and (2) GNU Shishi, allows attackers to crash the DER decoder and possibly execute arbitrary code via "out-of-bounds access" caused by invalid input, as demonstrated by the ProtoVer SSL test suite. Published: February 10, 2006; 1:06:00 PM -0500 | V3.x:(not available) V2.0: 7.5 HIGH |