GNU glibc '__gconv_translit_find()' Function Local Heap Based Buffer Overflow Vulnerability
BID:68983
Info
GNU glibc '__gconv_translit_find()' Function Local Heap Based Buffer Overflow Vulnerability
| Bugtraq ID: | 68983 |
| Class: | Unknown |
| CVE: |
CVE-2014-5119 |
| Remote: | No |
| Local: | Yes |
| Published: | Jul 31 2014 12:00AM |
| Updated: | Jul 05 2016 09:26PM |
| Credit: | Tavis Ormandy |
| Vulnerable: |
SuSE SUSE Linux Enterprise Server 10 SP3 LTSS Red Hat Enterprise Linux Long Life 5.6 server Oracle Enterprise Linux 6.2 Oracle Enterprise Linux 6 Oracle Enterprise Linux 5 IBM WebSphere MQ 7.0.1.0 GNU glibc 0 Gentoo Linux Debian Linux 6.0 sparc Debian Linux 6.0 s/390 Debian Linux 6.0 powerpc Debian Linux 6.0 mips Debian Linux 6.0 ia-64 Debian Linux 6.0 ia-32 Debian Linux 6.0 arm Debian Linux 6.0 amd64 CentOS CentOS 6 |
| Not Vulnerable: | |
Discussion
GNU glibc '__gconv_translit_find()' Function Local Heap Based Buffer Overflow Vulnerability
GNU glibc is prone to a local heap-based buffer-overflow vulnerability.
Successful exploits may allow attackers to execute arbitrary code within the context of application. Failed attacks may cause a denial-of-service condition.
This issue is being tracked by Cisco Bug ID CSCuq65975.
GNU glibc is prone to a local heap-based buffer-overflow vulnerability.
Successful exploits may allow attackers to execute arbitrary code within the context of application. Failed attacks may cause a denial-of-service condition.
This issue is being tracked by Cisco Bug ID CSCuq65975.
Exploit / POC
GNU glibc '__gconv_translit_find()' Function Local Heap Based Buffer Overflow Vulnerability
The researcher has created an exploit code to demonstrate the issue. Please see the references for more information.
The researcher has created an exploit code to demonstrate the issue. Please see the references for more information.
Solution / Fix
GNU glibc '__gconv_translit_find()' Function Local Heap Based Buffer Overflow Vulnerability
Solution:
Currently, we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently, we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].