2015-10-27
ALT-BU-2015-2706-1
Branch sisyphus update bulletin.
Closed vulnerabilities
Published: 2016-09-07
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2016-6318
Stack-based buffer overflow in the FascistGecosUser function in lib/fascist.c in cracklib allows local users to cause a denial of service (application crash) or gain privileges via a long GECOS field, involving longbuffer.
Severity: HIGH (7.8)
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
- openSUSE-SU-2016:2204
- openSUSE-SU-2016:2204
- [oss-security] 20160816 cracklib: Stack-based buffer overflow when parsing large GECOS field
- [oss-security] 20160816 cracklib: Stack-based buffer overflow when parsing large GECOS field
- 92478
- 92478
- [bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8
- [bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8
- [bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8
- [bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8
- [debian-lts-announce] 20200524 [SECURITY] [DLA 2220-1] cracklib2 security update
- [debian-lts-announce] 20200524 [SECURITY] [DLA 2220-1] cracklib2 security update
- GLSA-201612-25
- GLSA-201612-25