| OSVDB ID | Disclosure Date | Title |
|---|---|---|
| 70447<br>Description: GNU C Library contains a flaw that may allow a remote denial of service. The issue is triggered by errors in the 'regcomp()' function when processing certain regular expressions, allowing a remote attacker to cause a denial of service by using this function on specially crafted regular expressions. | 2010-12-07 | GNU C Library regcomp() Function Regex Adjacent Repetition Operator DoS |
| 70446<br>Description: GNU C Library contains a flaw that may allow a remote denial of service. The issue is triggered by errors in the 'regcomp()' function when processing certain regular expressions, allowing a remote attacker to cause a denial of service by using this function on specially crafted regular expressions. | 2010-12-07 | GNU C Library regcomp() Function Regex Bounded Repetition RE_DUP_MAX Limitation Bypass DoS |
| 68630<br>Description: (Description Provided by CVE): Certain run-time memory protection mechanisms in the GNU C Library (aka glibc or libc6) print argv[0] and backtrace information, which might allow context-dependent attackers to obtain sensitive information from process memory by executing an incorrect program, as demonstrated by a setuid program that contains a stack-based buffer overflow error, related to the __fortify_fail function in debug/fortify_fail.c, and the __stack_chk_fail (aka stack protection) and __chk_fail (aka FORTIFY_SOURCE) implementations. | 2010-04-27 | GNU C Library Run-time Memory Protection Mechanisms Incorrect Program Execution Process Memory Disclosure |
| 65079<br>Description: (Description Provided by CVE): Integer overflow in the __vstrfmon_l function in stdlib/strfmon_l.c in the strfmon implementation in the GNU C Library (aka glibc or libc6) before 2.10.1 allows context-dependent attackers to cause a denial of service (application crash) via a crafted format string, as demonstrated by the %99999999999999999999n string, a related issue to CVE-2008-1391. | 2009-10-30 | GNU C Library stdlib/strfmon_l.c __vstrfmon_l Function Format String Overflow DoS |
| 65080<br>Description: (Description Provided by CVE): Multiple integer overflows in the strfmon implementation in the GNU C Library (aka glibc or libc6) 2.10.1 and earlier allow context-dependent attackers to cause a denial of service (memory consumption or application crash) via a crafted format string, as demonstrated by a crafted first argument to the money_format function in PHP, a related issue to CVE-2008-1391. | 2009-09-17 | GNU C Library strfmon Implementation Crafted Format String Overflow DoS |
| 77508<br>Description: (Description Provided by CVE): ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. | 2009-06-01 | GNU C Library time/tzfile.c __tzfile_read() Function Timezone File Handling Remote Overflow |
| 59553<br>Description: (Description Provided by CVE): Buffer overflow in GNU Chess (gnuchess) 5.02 and earlier, if modified or used in a networked capacity contrary to its own design as a single-user application, may allow local or remote attackers to execute arbitrary code via a long command. | 2002-01-24 | GNU Chess (gnuchess) Command Handling Overflow |
| 53101<br>Description: (Description Provided by CVE): The gnu.java.security.util.PRNG class in GNU Classpath 0.97.2 and earlier uses a predictable seed based on the system time, which makes it easier for context-dependent attackers to conduct brute force attacks against cryptographic routines that use this class for randomness, as demonstrated against DSA private keys. | 2008-12-06 | GNU Classpath gnu.java.security.util.PRNG Class Predictable Seed Weakness |
| 22798<br>Description: Unknown / Incomplete | 2006-01-24 | GNU CLISP SYSLOG Interface Format String |
| 13365<br>Description: Unknown / Incomplete | 2005-02-01 | GNU Common C++ config File Permission Issue |
| 13364<br>Description: Unknown / Incomplete | 2005-02-01 | GNU Common C++ keydata Config File Path Subversion |
| 60853<br>Description: (Description Provided by CVE): The distcheck rule in dist-check.mk in GNU coreutils 5.2.1 through 8.1 allows local users to gain privileges via a symlink attack on a file in a directory tree under /tmp. | 2009-12-05 | GNU Core Utilities distcheck Temporary Directory Symlink Local Privilege Escalation |
| 16634<br>Description: (Description Provided by CVE): Race condition in Core Utilities (coreutils) 5.2.1, when (1) mkdir, (2) mknod, or (3) mkfifo is running with the -m switch, allows local users to modify permissions of other files. | 2005-04-07 | GNU Coreutils -m Switch Arbitrary File Permission Modification |
| 48812<br>Description: (Description Provided by CVE): The default configuration of su in /etc/pam.d/su in GNU coreutils 5.2.1 allows local users to gain the privileges of a (1) locked or (2) expired account by entering the account name on the command line, related to improper use of the pam_succeed_if.so module. | 2008-07-24 | GNU coreutils /etc/pam.d/su Account Name Handling Local Privilege Escalation |
| 62857<br>Description: GNU cpio is prone to an overflow condition. The program fails to properly sanitize user-supplied input resulting in a heap overflow. With a specially crafted response or file, a remote attacker can potentially cause arbitrary code execution. | 2010-03-10 | GNU cpio rmt Client lib/rtapelib.c rmt_read__ Function Remote Overflow |
| 19759<br>Description: (Description Provided by CVE): Buffer overflow in the GNU DataDisplay Debugger (DDD) 3.3.1 allows local users to execute arbitrary code and possibly gain privileges via a long HOME environment variable. NOTE: since DDD is not installed setuid or setgid, perhaps this issue should not be included in CVE. | 2002-01-15 | GNU DataDisplay Debugger (DDD) HOME Environment Variable Local Overflow |
| 77362<br>Description: (Description Provided by CVE): ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. | 2011-04-29 | GNU Debugger (gdb) .debug_gdb_scripts Parsing Remote Code Execution |
| 53299<br>Description: (Description Provided by CVE): Buffer overflow in DNS resolver functions that perform lookup of network names and addresses, as used in BIND 4.9.8 and ported to glibc 2.2.5 and earlier, allows remote malicious DNS servers to execute arbitrary code through a subroutine used by functions such as getnetbyname and getnetbyaddr. | 2002-07-04 | GNU DNS Resolver Library (glibc) Multiple DNS Resolver Functions Remote Overflow |
| 31595<br>Description: (Description Provided by CVE): GNU ed before 0.3 allows local users to overwrite arbitrary files via a symlink attack on temporary files, possibly in the open_sbuf function. | 2006-11-17 | GNU ed open_sbuf Symlink Arbitrary File Creation |
| 48045<br>Description: (Description Provided by CVE): Heap-based buffer overflow in the strip_escapes function in signal.c in GNU ed before 1.0 allows context-dependent or user-assisted attackers to execute arbitrary code via a long filename. NOTE: since ed itself does not typically run with special privileges, this issue only crosses privilege boundaries when ed is invoked as a third-party component. | 2008-08-21 | GNU ed signal.c strip_escapes Function Filename Handling Overflow |
| 6491<br>Description: GNU ed contains a flaw that may allow a malicious user to overwrite arbitrary files. The issue is triggered when a user creates a symlink to a temporary file and the system is halted before the file is saved. This flaw may lead to a loss of integrity and availability. | 2000-12-11 | GNU ed tmpfile Symlink Arbitrary File Overwrite |
| 45088<br>Description: (Description Provided by CVE): Emacs 21 and XEmacs automatically load and execute .flc (fast lock) files that are associated with other files that are edited within Emacs, which allows user-assisted attackers to execute arbitrary code. | 2008-05-09 | GNU Emacs / XEmacs fast-lock-mode FLC File Processing Arbitrary Command Execution |
| 42060<br>Description: (Description Provided by CVE): The hack-local-variables function in Emacs before 22.2, when enable-local-variables is set to :safe, does not properly search lists of unsafe or risky variables, which might allow user-assisted attackers to bypass intended restrictions and modify critical program variables via a file containing a Local variables declaration. | 2007-11-02 | GNU Emacs hack-local-variables Function Crafted File Local Variable Manipulation |
| 19738<br>Description: (Description Provided by CVE): Emacs 21.2.1 does not prompt or warn the user before executing Lisp code in the local variables section of a text file, which allows user-assisted attackers to execute arbitrary commands, as demonstrated using the mode-name variable. | 2003-05-19 | GNU Emacs Local Variable Arbitrary Lisp Code Execution |
| 13667<br>Description: (Description Provided by CVE): The make-temp-name Lisp function in Emacs 20 creates temporary files with predictable names, which allows attackers to conduct a symlink attack. | 2000-04-18 | GNU Emacs make-temp-name Lisp Function Symlink Privilege Escalation |
| 13588<br>Description: A remote overflow exists in GNU Emacs. The movemail function fails to adequately check responses from POP3 servers in popmail(), resulting in a format string overflow. With a specially crafted response, an attacker with a malicious POP3 server can gain remote access with the privileges of the logged-on user and the effective group ID of the mail group, resulting in a loss of integrity. | 2005-02-07 | GNU Emacs movemail popmail() Format String |
| 13666<br>Description: (Description Provided by CVE): Emacs 20 does not properly set permissions for a slave PTY device when starting a new subprocess, which allows local users to read or modify communications between Emacs and the subprocess. | 2000-04-18 | GNU Emacs PTY Device Incorrect Permission User Session Disclosure |
| 13668<br>Description: (Description Provided by CVE): read-passwd and other Lisp functions in Emacs 20 do not properly clear the history of recently typed keys, which allows an attacker to read unencrypted passwords. | 2000-04-18 | GNU Emacs read-passwd Lisp Function Arbitrary Password Disclosure |
| 44566<br>Description: (Description Provided by CVE): vcdiff in Emacs 20.7 to 22.1.50, when used with SCCS, allows local users to overwrite arbitrary files via a symlink attack on temporary files. | 2008-04-21 | GNU Emacs vcdiff Symlink Arbitrary File Overwrite |
| 37512<br>Description: (Description Provided by CVE): Emacs 21 allows user-assisted attackers to cause a denial of service (crash) via certain crafted images, as demonstrated via a GIF image in vm mode, related to image size calculation. | 2007-01-29 | GNU Emacs vm Mode GIF Handling DoS |