Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-2168

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2011-2168
Last Modified 10 Jun 2011 10:37:37
Published 24 May 2011 07:55:04
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2011-2168

Summary

Multiple integer overflows in the glob implementation in libc in OpenBSD before 4.9 might allow context-dependent attackers to have an unspecified impact via a crafted string, related to the GLOB_APPEND and GLOB_DOOFFS flags, a different issue than CVE-2011-0418.

Vulnerable Systems

Operating System

  • Openbsd 2.0

  • Openbsd 2.1

  • Openbsd 2.2

  • Openbsd 2.3

  • Openbsd 2.4

  • Openbsd 2.5

  • Openbsd 2.6

  • Openbsd 2.7

  • Openbsd 2.8

  • Openbsd 2.9

  • Openbsd 3.0

  • Openbsd 3.1

  • Openbsd 3.2

  • Openbsd 3.3

  • Openbsd 3.4

  • Openbsd 3.5

  • Openbsd 3.6

  • Openbsd 3.7

  • Openbsd 3.8

  • Openbsd 3.9

  • Openbsd 4.0

  • Openbsd 4.1

  • Openbsd 4.2

  • Openbsd 4.3

  • Openbsd 4.4

  • Openbsd 4.5

  • Openbsd 4.6

  • Openbsd 4.7

  • Openbsd 4.8


References

CONFIRM - http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libc/gen/glob.c.diff?r1=1.34;r2=1.35;f=h

CONFIRM - http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libc/gen/glob.c#rev1.35

BID - 48004

SREASONRES - 20110502 Multiple Vendors libc/glob(3) GLOB_BRACE|GLOB_LIMIT memory exhaustion


Last Updated: 27 May 2016 10:56:56