SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Device (Router/Bridge/Hub)  >   Juniper Junos Vendors:   Juniper
(Juniper Issues Fix for Junos) GNU Glibc Stack Exhaustion Flaw in regcomp() Lets Remote Users Deny Service
SecurityTracker Alert ID:  1029587
SecurityTracker URL:  http://securitytracker.com/id/1029587
CVE Reference:   CVE-2010-4051, CVE-2010-4052   (Links to External Site)
Date:  Jan 11 2014
Impact:   Denial of service via local system
Fix Available:  Yes  Vendor Confirmed:  Yes  

Description:   A vulnerability was reported in Glibc. A remote user can cause denial of service conditions. Juniper Junos is affected (for local users).

A remote user can supply specially crafted data to an application that uses the regcomp() function to cause the target application to consume excessive stack memory and crash.

Maksymilian Arciemowicz reported this vulnerability.

Impact:   A local user can cause denial of service conditions.
Solution:   Juniper has issued a fix for JUNOS (10.4S15, 10.4R16, 11.4R9-S1, 11.4R10, 12.1R8, 12.1X44-D25, 12.1X45-D15, 12.1X46-D10, 12.2R6, 12.3R4, 13.1R3-S1, 13.2R2, 13.3R1).

Juniper has assigned PR 705445 to this vulnerability.

The Juniper advisory is available at:

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10612

Vendor URL:  www.gnu.org/software/libc/ (Links to External Site)
Cause:   Resource error

Message History:   This archive entry is a follow-up to the message listed below.
Dec 8 2010 GNU Glibc Stack Exhaustion Flaw in regcomp() Lets Remote Users Deny Service



 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2021, SecurityGlobal.net LLC