vulnerability

SUSE: CVE-2017-16879: SUSE Linux Security Advisory

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:N/AC:M/Au:N/C:P/I:P/A:P)	Nov 22, 2017	Dec 1, 2017	May 10, 2021

Severity

CVSS

(AV:N/AC:M/Au:N/C:P/I:P/A:P)

Published

Nov 22, 2017

Added

Dec 1, 2017

Modified

May 10, 2021

Description

Stack-based buffer overflow in the _nc_write_entry function in tinfo/write_entry.c in ncurses 6.0 allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted terminfo file, as demonstrated by tic.

Solution(s)

suse-upgrade-libncurses5suse-upgrade-libncurses5-32bitsuse-upgrade-libncurses5-x86suse-upgrade-libncurses6suse-upgrade-libncurses6-32bitsuse-upgrade-libncurses6-x86suse-upgrade-ncurses-develsuse-upgrade-ncurses-devel-32bitsuse-upgrade-ncurses-utilssuse-upgrade-tacksuse-upgrade-terminfosuse-upgrade-terminfo-base

References

SUSE-SUSE-SU-2017:3183-1
NVD-CVE-2017-16879

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today