Download
| Alert*
|
oval:org.secpod.oval:def:1800134
Augeas versions up to and including 1.8.0 are vulnerable to heap-based buffer overflow due to improper handling of escaped strings. Attacker could send crafted strings that would cause the application using augeas to copy past the end of a buffer, leading to a crash or possible code execution. Fixed ... oval:org.secpod.oval:def:1800721 Augeas versions up to and including 1.8.0 are vulnerable to heap-based buffer overflow due to improper handling of escaped strings. Attacker could send crafted strings that would cause the application using augeas to copy past the end of a buffer, leading to a crash or possible code execution. Fixed ... oval:org.secpod.oval:def:1800823 Augeas versions up to and including 1.8.0 are vulnerable to heap-based buffer overflow due to improper handling of escaped strings. Attacker could send crafted strings that would cause the application using augeas to copy past the end of a buffer, leading to a crashor possible code execution. Fixed ... oval:org.secpod.oval:def:89002201 This update for augeas fixes the following issues: Security issues fixed: - CVE-2017-7555: Fix a memory corruption bug could have lead to arbitrary code execution by passing crafted strings that would be mis-handled by parse_name . - CVE-2014-8119: Fix improper handling of escaped strings leading to ... oval:org.secpod.oval:def:89002384 This update for augeas fixes the following issues: Security issue fixed: - CVE-2017-7555: Fix a memory corruption bug could have lead to arbitrary code execution by passing crafted strings that would be mis-handled by parse_name . oval:org.secpod.oval:def:204561 Augeas is a configuration editing tool. It parses configuration files in their native formats and transforms them into a tree. Configuration changes are made by manipulating this tree and saving it back into native config files. Security Fix: * A vulnerability was discovered in augeas affecting the ... oval:org.secpod.oval:def:89002216 This update for augeas fixes the following issues: Security issue fixed: - CVE-2017-7555: Fix a memory corruption bug could have lead to arbitrary code execution by passing crafted strings that would be mis-handled by parse_name . oval:org.secpod.oval:def:2102403 Augeas versions up to and including 1.8.0 are vulnerable to heap-based buffer overflow due to improper handling of escaped strings. Attacker could send crafted strings that would cause the application using augeas to copy past the end of a buffer, leading to a crash or possible code execution. oval:org.secpod.oval:def:703772 augeas: Configuration editing tool Augeas could be made to crash if it received specially crafted input. oval:org.secpod.oval:def:113097 A library for programmatically editing configuration files. Augeas parses configuration files into a tree structure, which it exposes through its public API. Changes made through the API are written back to the initially read files. The transformation works very hard to preserve comments and formatt ... oval:org.secpod.oval:def:502142 Augeas is a configuration editing tool. It parses configuration files in their native formats and transforms them into a tree. Configuration changes are made by manipulating this tree and saving it back into native config files. Security Fix: * A vulnerability was discovered in augeas affecting the ... oval:org.secpod.oval:def:113150 A library for programmatically editing configuration files. Augeas parses configuration files into a tree structure, which it exposes through its public API. Changes made through the API are written back to the initially read files. The transformation works very hard to preserve comments and formatt ... oval:org.secpod.oval:def:53118 Han Han of Red Hat discovered that augeas, a configuration editing tool, improperly handled some escaped strings. A remote attacker could leverage this flaw by sending maliciously crafted strings, thus causing an augeas-enabled application to crash or potentially execute arbitrary code. oval:org.secpod.oval:def:1800575 Augeas versions up to and including 1.8.0 are vulnerable to heap-based buffer overflow due to improper handling of escaped strings. Attacker could send crafted strings that would cause the application using augeas to copy past the end of a buffer, leading to a crashor possible code execution. Fixed ... oval:org.secpod.oval:def:51879 augeas: Configuration editing tool Augeas could be made to crash if it received specially crafted input. oval:org.secpod.oval:def:603064 Han Han of Red Hat discovered that augeas, a configuration editing tool, improperly handled some escaped strings. A remote attacker could leverage this flaw by sending maliciously crafted strings, thus causing an augeas-enabled application to crash or potentially execute arbitrary code. oval:org.secpod.oval:def:1502018 The advisory is missing the security advisory description. For more information please visit the reference link |
