Lucene search

K

Veracode Vulnerability DatabaseVERACODE:11302

HistoryJan 15, 2019 - 8:59 a.m.

Directory Traversal

2019-01-1508:59:56

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

14

EPSS

0.008

Percentile

81.9%

glibc is vulnerable to directory traversal attacks. The vulnerability exists through multiple directory traversal vulnerabilities in GNU C Library (aka glibc or libc6) before 2.20 allow context-dependent attackers to bypass ForceCommand restrictions and possibly have other unspecified impact via a .. (dot dot) in a (1) LC_*, (2) LANG, or other locale environment variable.

References

linux.oracle.com/errata/ELSA-2015-0092.html

www.debian.org/security/2014/dsa-2976

www.mandriva.com/security/advisories?name=MDVSA-2014:152

www.openwall.com/lists/oss-security/2014/07/10/7

www.openwall.com/lists/oss-security/2014/07/14/6

www.securityfocus.com/bid/68505

www.securitytracker.com/id/1030569

access.redhat.com/security/updates/classification/#important

access.redhat.com/solutions/1176253

rhn.redhat.com/errata/RHSA-2014-1110.html

security.gentoo.org/glsa/201602-02

sourceware.org/bugzilla/show_bug.cgi?id=17137

EPSS

0.008

Percentile

81.9%

Related for VERACODE:11302

securityvulns4 nessus26 openvas31 amazon1 cve1 nvd1 cvelist1 debian2 debiancve1 prion1 ubuntucve1 osv3 centos1 redhat1 ubuntu4 fedora2 suse4 oraclelinux5 ibm3 mageia1 f52 slackware1 gentoo1