Errata ALT-PU-2016-1514-1: Information
Fixes
Published: June 1, 2016
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2016-1234
Stack-based buffer overflow in the glob implementation in GNU C Library (aka glibc) before 2.24, when GLOB_ALTDIRFUNC is used, allows context-dependent attackers to cause a denial of service (crash) via a long name.
Severity: HIGH (7.5) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
- https://sourceware.org/bugzilla/show_bug.cgi?id=19779
- [oss-security] 20160307 CVE-2016-1234 in glibc glob with GLOB_ALTDIRFUNC
- FEDORA-2016-68abc0be35
- openSUSE-SU-2016:1527
- openSUSE-SU-2016:1779
- 84204
- GLSA-201702-11
- 20210901 SEC Consult SA-20210901-0 :: Multiple vulnerabilities in MOXA devices
- http://packetstormsecurity.com/files/164014/Moxa-Command-Injection-Cross-Site-Scripting-Vulnerable-Software.html
- https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=5171f3079f2cc53e0548fc4967361f4d1ce9d7ea
- [bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8
- [bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8
Published: June 1, 2016
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2016-3075
Stack-based buffer overflow in the nss_dns implementation of the getnetbyname function in GNU C Library (aka glibc) before 2.24 allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via a long name.
Severity: HIGH (7.5) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: June 10, 2016
Modified: Feb. 13, 2023
Modified: Feb. 13, 2023
CVE-2016-3706
Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in the GNU C Library (aka glibc or libc6) allows remote attackers to cause a denial of service (crash) via vectors involving hostent conversion. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-4458.
Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
- https://sourceware.org/bugzilla/show_bug.cgi?id=20010
- openSUSE-SU-2016:1527
- openSUSE-SU-2016:1779
- 88440
- http://www-01.ibm.com/support/docview.wss?uid=swg21995039
- https://source.android.com/security/bulletin/2017-12-01
- 102073
- https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=4ab2ab03d4351914ee53248dc5aef4a8c88ff8b9