admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 17:21:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2014/CVE-2014-99xx/CVE-2014-9984.json
cad-safe-bot b47d02a333 Auto-Update: 2023-11-07T21:02:52.274489+00:00
2023-11-07 21:03:21 +00:00

139 lines
4.1 KiB
JSON
Raw Blame History

{
"id": "CVE-2014-9984",
"sourceIdentifier": "cve@mitre.org",
"published": "2017-06-12T13:29:00.183",
"lastModified": "2023-11-07T02:23:13.580",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "nscd in the GNU C Library (aka glibc or libc6) before version 2.20 does not correctly compute the size of an internal buffer when processing netgroup requests, possibly leading to an nscd daemon crash or code execution as the user running nscd."
},
{
"lang": "es",
"value": "nscd en la biblioteca C de GNU (tambi\u00e9n conocido como glibc o libc6), versiones anteriores a la 2.20 ,no calcula correctamente el tama\u00f1o de un buffer interno al procesar solicitudes netgroup, posibilitando la ca\u00edda del demonio nscd o permitiendo la ejecuci\u00f3n de c\u00f3digo como usuario que ejecuta nscd."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-119"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2.19",
"matchCriteriaId": "341320B9-8C6F-40EC-ADF9-0EA8A7D51FF8"
}
]
}
]
}
],
"references": [
{
"url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html",
"source": "cve@mitre.org"
},
{
"url": "http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html",
"source": "cve@mitre.org"
},
{
"url": "http://seclists.org/fulldisclosure/2019/Jun/18",
"source": "cve@mitre.org"
},
{
"url": "http://seclists.org/fulldisclosure/2019/Sep/7",
"source": "cve@mitre.org"
},
{
"url": "http://www.securityfocus.com/bid/99071",
"source": "cve@mitre.org"
},
{
"url": "https://seclists.org/bugtraq/2019/Jun/14",
"source": "cve@mitre.org"
},
{
"url": "https://seclists.org/bugtraq/2019/Sep/7",
"source": "cve@mitre.org"
},
{
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=16695",
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
]
},
{
"url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commit%3Bh=c44496df2f090a56d3bf75df930592dac6bba46f",
"source": "cve@mitre.org"
}
]
}
Reference in New Issue View Git Blame Copy Permalink