Vulnerability & Exploit Database

Displaying all 5 entries

Results for: CVE-2013-7424 Back to search

RHSA-2015:1627: glibc security update Vulnerability

  • Severity: 5
  • Published: August 26, 2015

The glibc packages provide the standard C libraries (libc), POSIX threadlibraries (libpthread), standard math libraries (libm), and the Name ServerCaching Daemon (nscd) used by multiple programs on the system.Without these libraries, the Linux system cannot function correctly.An invalid free flaw was found in glibc's getaddrinfo() functi...

Cent OS: CVE-2013-7424: CESA-2015:1627 (glibc) Vulnerability

  • Severity: 5
  • Published: August 26, 2015

The getaddrinfo function in glibc before 2.15, when compiled with libidn and the AI_IDN flag is used, allows context-dependent attackers to cause a denial of service (invalid free) and possibly execute arbitrary code via unspecified vectors, as demonstrated by an internationalized domain name to ping6.

F5 Networks: K16472 (CVE-2013-7424): glibc vulnerability CVE-2013-7424 Vulnerability

  • Severity: 5
  • Published: April 20, 2015

The getaddrinfo function in glibc before 2.15, when compiled with libidn and the AI_IDN flag is used, allows context-dependent attackers to cause a denial of service (invalid free) and possibly execute arbitrary code via unspecified vectors, as demonstrated by an internationalized domain name to ping6.

DSA-3169-1 eglibc -- security update Vulnerability

  • Severity: 8
  • Published: February 24, 2015

The nss_dns implementation of getnetbyname in GNU C Library (aka glibc) before 2.21, when the DNS backend in the Name Service Switch configuration is enabled, allows remote attackers to cause a denial of service (infinite loop) by sending a positive answer while a network name is being process.

ELSA-2015-1627 Moderate: Oracle Linux glibc security update Vulnerability

  • Severity: 10
  • Published: January 28, 2015

Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 function, aka "GHOST."