Gnu: Security Vulnerabilities
The send_dg function in resolv/res_send.c in GNU C Library (aka glibc or libc6) before 2.20 does not properly reuse file descriptors, which allows remote attackers to send DNS queries to unintended locations via a large number of requests that trigger a call to the getaddrinfo function.
CVSS Score
5.0
EPSS Score
0.032
Published
2015-02-24
cpio 2.11, when using the --no-absolute-filenames option, allows local users to write to arbitrary files via a symlink attack on a file in an archive.
CVSS Score
1.9
EPSS Score
0.033
Published
2015-02-19
The bmexec_trans function in kwset.c in grep 2.19 through 2.21 allows local users to cause a denial of service (out-of-bounds heap read and crash) via crafted input when using the -F option.
CVSS Score
2.1
EPSS Score
0.001
Published
2015-02-12
Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 function, aka "GHOST."
CVSS Score
10.0
EPSS Score
0.858
Published
2015-01-28
GNU patch 2.7.1 allows remote attackers to write to arbitrary files via a symlink attack in a patch file.
CVSS Score
4.3
EPSS Score
0.009
Published
2015-01-21
The parse_datetime function in GNU coreutils allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted date string, as demonstrated by the "--date=TZ="123"345" @1" string to the touch or date command.
CVSS Score
7.5
EPSS Score
0.026
Published
2015-01-16
The _bfd_slurp_extended_name_table function in bfd/archive.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (invalid write, segmentation fault, and crash) via a crafted extended name table in an archive.
CVSS Score
5.0
EPSS Score
0.059
Published
2015-01-15
Multiple directory traversal vulnerabilities in GNU binutils 2.24 and earlier allow local users to delete arbitrary files via a .. (dot dot) or full path name in an archive to (1) strip or (2) objcopy or create arbitrary files via (3) a .. (dot dot) or full path name in an archive to ar.
CVSS Score
3.6
EPSS Score
0.001
Published
2014-12-09
Stack-based buffer overflow in the srec_scan function in bfd/srec.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (crash) and possibly have other unspecified impact via a crafted file.
CVSS Score
7.5
EPSS Score
0.033
Published
2014-12-09
Stack-based buffer overflow in the ihex_scan function in bfd/ihex.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (crash) and possibly have other unspecified impact via a crafted ihex file.
CVSS Score
7.5
EPSS Score
0.057
Published
2014-12-09