Lucene search

PRIOn knowledge basePRION:CVE-2014-9984

HistoryJun 12, 2017 - 1:29 p.m.

Code injection

2017-06-1213:29:00

PRIOn knowledge base

www.prio-n.com

7.7 High

AI Score

Confidence

Low

0.015 Low

EPSS

Percentile

86.9%

JSON

nscd in the GNU C Library (aka glibc or libc6) before version 2.20 does not correctly compute the size of an internal buffer when processing netgroup requests, possibly leading to an nscd daemon crash or code execution as the user running nscd.

CPENameOperatorVersion
glibcle2.19

CPE	Name	Operator	Version
	glibc	le	2.19

References

packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html

packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html

seclists.org/fulldisclosure/2019/Jun/18

seclists.org/fulldisclosure/2019/Sep/7

www.securityfocus.com/bid/99071

seclists.org/bugtraq/2019/Jun/14

seclists.org/bugtraq/2019/Sep/7

sourceware.org/bugzilla/show_bug.cgi?id=16695

sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commit%3Bh=c44496df2f090a56d3bf75df930592dac6bba46f