Lucene search
Ubuntu.comUB:CVE-2014-9402HistoryFeb 24, 2015 - 12:00 a.m.
CVE-2014-9402
2015-02-2400:00:00
ubuntu.com
ubuntu.com
14
7.8 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
0.107 Low
EPSS
Percentile
95.1%
The nss_dns implementation of getnetbyname in GNU C Library (aka glibc)
before 2.21, when the DNS backend in the Name Service Switch configuration
is enabled, allows remote attackers to cause a denial of service (infinite
loop) by sending a positive answer while a network name is being process.
Bugs
- <https://sourceware.org/bugzilla/show_bug.cgi?id=17630>
- <https://bugs.launchpad.net/ubuntu/+source/eglibc/+bug/1404003>
- <https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775572>
Notes
| Author | Note |
|---|---|
| mdeslaur | fixed by any/cvs-getnetbyname.diff in vivid |
Related
nessus
nessus
EulerOS Virtualization 2.5.1 : glibc (EulerOS-SA-2018-1272)
2018-09-18 00:00:00
RHEL 5 / 6 / 7 : glibc (CVE-2014-9402)
2016-02-19 00:00:00
F5 Networks BIG-IP : glibc vulnerability (K16365)
2018-12-18 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2018-1272)
2020-01-23 00:00:00
Debian: Security Advisory (DLA-122-1)
2023-03-08 00:00:00
Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2017-1146)
2020-01-23 00:00:00
prion
prion
Design/Logic Flaw
2015-02-24 15:59:00
f5
f5
SOL16365 - GNU C Library (glibc) vulnerability CVE-2014-9402
2015-04-03 00:00:00
K16365 : glibc vulnerability CVE-2014-9402
2015-07-23 00:00:00
cve
cve
CVE-2014-9402
2015-02-24 15:59:02
debiancve
debiancve
CVE-2014-9402
2015-02-24 15:59:02
nvd
nvd
CVE-2014-9402
2015-02-24 15:59:02
debian
debian
[SECURITY] [DLA 122-1] eglibc security update
2014-12-22 23:19:26
[SECURITY] [DSA 3169-1] eglibc security update
2015-02-23 06:08:58
cvelist
cvelist
CVE-2014-9402
2015-02-24 15:00:00
mageia
mageia
Updated glibc packages fix security vulnerabilities
2015-01-08 15:24:22
archlinux
archlinux
glibc: arbitrary code execution
2014-12-18 00:00:00
fedora
fedora
[SECURITY] Fedora 21 Update: glibc-2.20-8.fc21
2015-03-04 10:27:01
ibm
ibm
Security Bulletin: Vulnerabilities in Glibc affect Power Hardware Management Console ( CVE-2017-15670, CVE-2017-12132, CVE-2015-5180, CVE-2014-9402)
2021-09-22 23:05:38
ubuntu
ubuntu
GNU C Library vulnerabilities
2015-02-26 00:00:00
securityvulns
securityvulns
GNU glibc multiple security vulnerabilities
2015-03-07 00:00:00
[SECURITY] [DSA 3169-1] eglibc security update
2015-03-07 00:00:00
centos
centos
glibc, nscd security update
2018-04-26 17:41:43
amazon
amazon
Important: glibc
2018-05-10 17:45:00
redhat
redhat
(RHSA-2018:0805) Moderate: glibc security, bug fix, and enhancement update
2018-04-10 05:01:26
oraclelinux
oraclelinux
glibc security update
2018-04-18 00:00:00
glibc security, bug fix, and enhancement update
2018-04-16 00:00:00
osv
osv
eglibc - security update
2015-02-23 00:00:00
gentoo
gentoo
GNU C Library: Multiple vulnerabilities
2016-02-17 00:00:00
packetstorm
packetstorm
Cisco Device Hardcoded Credentials / GNU glibc / BusyBox
2019-09-04 00:00:00
oracle
oracle
Oracle Critical Patch Update - January 2018
2018-01-16 00:00:00
7.8 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
0.107 Low
EPSS
Percentile
95.1%
Related for UB:CVE-2014-9402