Computer Security
[EN] securityvulns.ru no-pyccku


glibc protection bypass
Published:14.07.2014
Source:
SecurityVulns ID:13866
Type:library
Threat Level:
5/10
Description:It may be possible to bypass some restriction because of incorrect .. seqence processing in locale related functions.
Affected:GNU : glibc 2.13
CVE:CVE-2014-0475 (Multiple directory traversal vulnerabilities in GNU C Library (aka glibc or libc6) before 2.20 allow context-dependent attackers to bypass ForceCommand restrictions and possibly have other unspecified impact via a .. (dot dot) in a (1) LC_*, (2) LANG, or other locale environment variable.)
Original documentdocumentDEBIAN, [SECURITY] [DSA 2976-1] eglibc security update (14.07.2014)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod