Nexans FTTO GigaSwitch industrial/office switches HW version 5 suffer from having a hardcoded backdoor user and multiple outdated vulnerable software components.
811819aa67b6ad1bef552d7cc55544b3fd1c366dc092a396d3d23c2d49bd1e36Many Moxa devices suffer from command injection, cross site scripting, and outdated software vulnerabilities.
91e5218cfa2c2452c1da0918b3b85328aad5bcf76352c949affc7a9a10a95a39Many Cisco devices such as Cisco RV340, Cisco RV340W, Cisco RV345, Cisco RV345P, Cisco RV260, Cisco RV260P, Cisco RV260W, Cisco 160, and Cisco 160W suffer from having hard-coded credentials, known GNU glibc, known BusyBox, and IoT Inspector identified vulnerabilities.
3726cd3c69f647990c48b627f7552d3a2fdba185bb79ef1247f427b865bde817HP Security Bulletin HPSBMU03685 1 - Multiple potential security vulnerabilities have been identified in HPE Insight Control server provisioning (ICsp) software. The vulnerabilities could be exploited remotely resulting in Denial of Service (DoS), arbitrary code execution, arbitrary command execution, unauthorized access to files or disclosure of sensitive information. Revision 1 of this advisory.
7c572b3e24df1d149872d9d6f48b13a5c0031cc58055e6a8a1c95b1c448324e2glibc getaddrinfo stack-based buffer overflow exploit that leverages the priorly disclosed issue by Google.
a61fe48c92c2f4e8a5665c7ab58fdd412c2282ae7abcf30ca24c5f9a113ee283HP Security Bulletin HPSBST03603 1 - HPE StoreVirtual products running LeftHand OS has addressed stack based buffer overflows in glibc's implementation of getaddrinfo(). This vulnerability could be remotely exploited to cause Denial of Service (DoS) or allow execution of arbitrary code on the host with the permissions of a user running glibc library. Revision 1 of this advisory.
7a1938552ec305f40be8a23af07bd878dc473a9a0b00a6ec1d1ad7c762c07075HP Security Bulletin HPSBGN03553 1 - HP OneView has addressed stack based buffer overflows in glibc's implementation of getaddrinfo() and also a vulnerability in OpenSSL. These vulnerabilities could be remotely exploited to cause a Denial of Service (DoS) or allow execution of arbitrary code on the host with the permissions of the user running glibc library. Revision 1 of this advisory.
3617e671a811e5e4891b16d55373f0c543a2327eaeb55d97e84f1a429f8e0a07HP Security Bulletin HPSBGN03442 2 - HPE Helion OpenStack has addressed stack based buffer overflows in glibc's implementation of getaddrinfo(). These vulnerabilities could be remotely exploited to cause a Denial of Service (DoS) or allow execution of arbitrary code on the host with the permissions of a user running glibc library. Revision 2 of this advisory.
186f43f7a6764e45853fc9e00be530ce4c2d2318aed00bacd397094ffd9ba277HP Security Bulletin HPSBMU03612 1 - Multiple potential security vulnerabilities have been identified with HPE Insight Control (IC) on Windows which could be exploited remotely resulting in Denial of Service (DoS), Unauthorized Access, Cross-site scripting (XSS), Execution of Arbitrary code, Disclosure of Sensitive Information,Remote Code Execution and locally resulting in Cross-site Request Forgery (CSRF). Revision 1 of this advisory.
55b881f2a237e07f9560dcebcf5f78996c72fe03931da60fb9afbd2da087871dHP Security Bulletin HPSBHF03578 1 - HPE ConvergedSystem for SAP HANA Solutions has addressed stack-based buffer overflows in the GNU C library's (glibc) implementation of the getaddrinfo() library function. These vulnerabilities could be exploited remotely to cause a Denial of Service (DoS) or allow execution of arbitrary code on the host with the permissions of a user using the glibc library. Revision 1 of this advisory.
f467478965503248c96c094ed51e89e4ccb098e7d4023a82cd28359603541c37HP Security Bulletin HPSBMU03591 1 - Several potential security vulnerabilities have been identified in HPE Server Migration Pack (SMP) on Windows and Linux. The vulnerabilities could be exploited remotely resulting in Denial of Service (DoS). Revision 1 of this advisory.
958138fc11dd9e53ea6b98de78d16ced9c354a2c2997cb0b10965023053cabb7HP Security Bulletin HPSBGN03597 1 - A vulnerability in GNU C Library (glibc) was addressed by HPE Cloud Optimizer (Virtualization Performance Viewer). The vulnerability could be exploited remotely to allow Denial of Service (DoS). Revision 1 of this advisory.
25f49ade38400e07817b57b4a97217d1ee78e9e0c35b13e06ec064443db88b6dHP Security Bulletin HPSBST03598 1 - HPE 3PAR OS has addressed stack based buffer overflows in glibc's implementation of getaddrinfo(). This vulnerability could be remotely exploited to cause Denial of Service (DoS) or allow execution of arbitrary code on the host with the permissions of a user running glibc library. Revision 1 of this advisory.
825e2f051ab86891da30d118b79183bb3ced947bf7f0859a92642c397d8dc78fHP Security Bulletin HPSBGN03547 3 - A security vulnerability in glibc has been addressed with HPE Helion Eucalyptus Node Controller and other Helion Eucalyptus components. The vulnerability could be exploited remotely resulting in arbitrary execution of code. Revision 3 of this advisory.
3a3a7da261ca85e7feb593ac3b1137b0a8baf5a5661d975d9cd76acfc0ff825fHP Security Bulletin HPSBGN03582 1 - HPE Helion CloudSystem addressed stack based buffer overflows in glibc's implementation of getaddrinfo(). These vulnerabilities could be remotely exploited to cause a Denial of Service (DoS) or allow execution of arbitrary code on the host with the permissions of a user running glibc library. Revision 1 of this advisory.
26439f2e50832858fd5b35b5b17ec68209e8fbe1597c3cfba78e2bd761d45067HP Security Bulletin HPSBGN03551 1 - HPE Helion Development Platform has addressed stack based buffer overflows in glibc's implementation of getaddrinfo(). These vulnerabilities could be remotely exploited to cause a Denial of Service (DoS) or allow execution of arbitrary code on the host with the permissions of a user running glibc library. Revision 1 of this advisory.
6a5c6e511c9ded81cb50fa7de880a49ca9815f8fa2566a142a513c72014743b9HP Security Bulletin HPSBGN03442 1 - HPE Helion OpenStack has addressed stack based buffer overflows in glibc's implementation of getaddrinfo(). These vulnerabilities could be remotely exploited to cause a Denial of Service (DoS) or allow execution of arbitrary code on the host with the permissions of a user running glibc library. Revision 1 of this advisory.
6539fd974a37cf918334232d4666c73e3f1b4b61616cb996dd44f390809b7782HP Security Bulletin HPSBGN03549 1 - HPE IceWall products have addressed stack based buffer overflows in glibc's implementation of getaddrinfo(). These vulnerabilities could be remotely exploited to cause a Denial of Service (DoS) or allow execution of arbitrary code on the host with the permissions of a user running glibc library. Revision 1 of this advisory.
5c0bafbdb117854cb467fe44692de91315ec03062242458e577de6b74ec77e61Slackware Security Advisory - New glibc packages are available for Slackware 14.1 and -current to fix security issues.
8d4c291abde8bba7e5f00f2280fc0bcd15d6a57a664e9d206fc17566399f7d6fRed Hat Security Advisory 2016-0277-01 - The rhev-hypervisor package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine hypervisor. It includes everything necessary to run and manage virtual machines: A subset of the Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent. Note: Red Hat Enterprise Virtualization Hypervisor is only available for the Intel 64 and AMD64 architectures with virtualization extensions. A stack-based buffer overflow was found in the way the libresolv library performed dual A/AAAA DNS queries. A remote attacker could create a specially crafted DNS response which could cause libresolv to crash or, potentially, execute code with the permissions of the user running the library. Note: this issue is only exposed when libresolv is called from the nss_dns NSS service module.
16f8193295d41539b260186af779c496a1c336c7b0b9f4d88547042401772ac9HP Security Bulletin HPSBGN03547 1 - A security vulnerability in glibc has been addressed with HPE Helion Eucalyptus Node Controller and other Helion Eucalyptus components. The vulnerability could be exploited remotely resulting in arbitrary execution of code. Revision 1 of this advisory.
80d01bb5a617b997b4377008c9a6dff9fe6fc1ba42119b92775c9ae396faf290Gentoo Linux Security Advisory 201602-2 - Multiple vulnerabilities have been found in the GNU C library, the worst allowing for remote execution of arbitrary code. Versions less than 2.21-r2 are affected.
7fb31d7914b4d8d365ed0e55052ae4ab9788d37ba1146e4a9261c90a46a215e4glibc reserves 2048 bytes in the stack through alloca() for the DNS answer at _nss_dns_gethostbyname4_r() for hosting responses to a DNS query. Later on, at send_dg() and send_vc(), if the response is larger than 2048 bytes, a new buffer is allocated from the heap and all the information (buffer pointer, new buffer size and response size) is updated. Under certain conditions a mismatch between the stack buffer and the new heap allocation will happen. The final effect is that the stack buffer will be used to store the DNS response, even though the response is larger than the stack buffer and a heap buffer was allocated. This behavior leads to the stack buffer overflow. Included in this archive is a copy of the Google Security blog post and proof of concept code that demonstrates the vulnerability.
ad59124177a3d305a9e05a03fed4435fe9079fdcafd54b23cbd52bc979ba7a5fUbuntu Security Notice 2900-1 - It was discovered that the GNU C Library incorrectly handled receiving responses while performing DNS resolution. A remote attacker could use this issue to cause the GNU C Library to crash, resulting in a denial of service, or possibly execute arbitrary code.
7800d1aab731dec1f2a66ce239ebdf2a26e863aea8e01e1b0c7b35c610ced26cDebian Linux Security Advisory 3481-1 - Several vulnerabilities have been fixed in the GNU C Library, glibc.
09303e0b9794ff8d9ff9ecaa8493c33cded5b569964be1e2f01553cc70ce74c4
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed