Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in the GNU C Library (aka glibc or libc6) allows remote attackers to cause a denial of service (crash) via vectors involving hostent conversion. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-4458.

References

lists.opensuse.org/opensuse-updates/2016-06/msg00030.html

lists.opensuse.org/opensuse-updates/2016-07/msg00039.html

www-01.ibm.com/support/docview.wss?uid=swg21995039

www.securityfocus.com/bid/102073

www.securityfocus.com/bid/88440

source.android.com/security/bulletin/2017-12-01

sourceware.org/bugzilla/show_bug.cgi?id=20010

sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=4ab2ab03d4351914ee53248dc5aef4a8c88ff8b9

f5 4

android 1

nessus 35

prion 2

ubuntucve 2

nvd 2

cve 2

openvas 26

debiancve 2

osv 2

debian 2

mageia 2

ibm 6

fedora 2

centos 1

cvelist 1

redhat 1

archlinux 2

altlinux 3

ubuntu 6

oraclelinux 3

securityvulns 2

photon 2

slackware 1

cloudfoundry 1

suse 3

gentoo 1

SOL06493172 - glibc vulnerability CVE-2016-3706

2016-08-05 00:00:00

K06493172 : glibc vulnerability CVE-2016-3706

2016-08-05 00:00:00

K15640 : GNU C Library (glibc) vulnerabilities CVE-2014-0475, CVE-2014-5119, CVE-2013-4458

2014-10-02 00:00:00

android

CVE-2016-3706

2017-12-01 00:00:00

nessus

F5 Networks BIG-IP : glibc vulnerability (K06493172)

2018-12-18 00:00:00

Debian DLA-494-1 : eglibc security update

2016-05-31 00:00:00

Fedora 23 : glibc (2016-b0e67c88b5)

2016-07-14 00:00:00

prion

Stack overflow

2016-06-10 15:59:00

Stack overflow

2013-12-12 18:55:00

ubuntucve

CVE-2016-3706

2016-06-10 00:00:00

CVE-2013-4458

2013-12-12 00:00:00

nvd

CVE-2016-3706

2016-06-10 15:59:03

CVE-2013-4458

2013-12-12 18:55:10

cve

CVE-2016-3706

2016-06-10 15:59:03

CVE-2013-4458

2013-12-12 18:55:10

openvas

Fedora Update for glibc FEDORA-2016-b0e67c88b5

2016-06-08 00:00:00

Mageia: Security Advisory (MGASA-2016-0206)

2022-01-28 00:00:00

Fedora Update for glibc FEDORA-2016-b321728d74

2016-06-08 00:00:00

debiancve

CVE-2016-3706

2016-06-10 15:59:03

CVE-2013-4458

2013-12-12 18:55:10

osv

eglibc - security update

2016-05-30 00:00:00

eglibc - security update

2015-03-06 00:00:00

debian

[SECURITY] [DLA 494-1] eglibc security update

2016-05-30 04:24:49

[SECURITY] [DLA 165-1] eglibc security update

2015-03-06 15:39:53

mageia

Updated glibc packages fix security vulnerabilities

2016-05-24 01:00:58

Updated glibc package fixes security vulnerabilities

2013-11-22 22:44:49

ibm

Security Bulletin: Access Manager Client in IBM DataPower Gateways is vulnerable to a denial of service attack.

2019-08-30 07:48:35

Security Bulletin: Vulnerability in GNU C Library affects IBM Flex System EN6131 40Gb Ethernet / IB6131 40Gb Infiniband Switch Firmware (CVE-2016-3706)

2019-01-31 02:25:02

Security Bulletin: Vulnerabilities in GNU C Library affect IBM Integrated Management Module II (IMM2) for System x, Flex and BladeCenter systems

2023-04-14 14:32:25

fedora

[SECURITY] Fedora 23 Update: glibc-2.22-16.fc23

2016-05-12 20:56:11

[SECURITY] Fedora 24 Update: glibc-2.23.1-7.fc24

2016-05-14 23:42:24

centos

glibc, nscd security update

2014-10-20 18:08:56

cvelist

CVE-2013-4458

2013-12-12 18:00:00

redhat

(RHSA-2014:1391) Moderate: glibc security, bug fix, and enhancement update

2014-10-14 00:00:00

archlinux

lib32-glibc: multiple issues

2016-05-13 00:00:00

glibc: multiple issues

2016-05-13 00:00:00

altlinux

Security fix for the ALT Linux 9 package glibc version 6:2.23-alt2

2016-05-10 00:00:00

Security fix for the ALT Linux 9 package glibc version 6:2.17-alt6

2014-01-11 00:00:00

Security fix for the ALT Linux 7 package glibc version 6:2.17-alt6

2014-01-11 00:00:00

ubuntu

GNU C Library regression

2014-09-08 00:00:00

GNU C Library vulnerabilities

2014-08-04 00:00:00

GNU C Library regression

2014-08-05 00:00:00

oraclelinux

glibc security, bug fix, and enhancement update

2014-10-15 00:00:00

glibc security update

2018-04-18 00:00:00

glibc security, bug fix, and enhancement update

2018-04-16 00:00:00

securityvulns

glibc security vulnerabilities

2013-12-01 00:00:00

[ MDVSA-2013:284 ] glibc

2013-12-01 00:00:00

photon

Important Photon OS Security Update - PHSA-2017-0037

2017-04-24 00:00:00

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2017-0013

2017-04-24 00:00:00

slackware

[slackware-security] glibc

2014-10-24 05:36:04

cloudfoundry

USN-3239-2: GNU C Library Regression | Cloud Foundry

2017-03-31 00:00:00

suse

Security update for glibc (important)

2016-02-16 20:15:44

Security update for SLES 12 Docker image (important)

2017-10-11 03:06:53

Security update for SLES 12-SP1 Docker image (important)

2017-10-11 03:07:32

gentoo

GNU C Library: Multiple vulnerabilities

2015-03-08 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

7.7 High

AI Score

Confidence

High

0.032 Low

EPSS

Percentile

91.2%

JSON

Related for CVELIST:CVE-2016-3706