← back
CVE-2013-1914

CVE-2013-1914

EPSS 4.1%
Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in GNU C Library (aka glibc or libc6) 2.17 and earlier allows remote attackers to cause a denial of service (crash) via a (1) hostname or (2) IP address that triggers a large number of domain conversion results.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://packetstormsecurity.com/files/164014/Moxa-Command-Injection-Cross-Site-Scripting-Vulnerable-Software.htmlhttp://rhn.redhat.com/errata/RHSA-2013-0769.htmlhttp://rhn.redhat.com/errata/RHSA-2013-1605.htmlhttps://bugzilla.novell.com/show_bug.cgi?id=813121https://bugzilla.redhat.com/show_bug.cgi?id=947882http://seclists.org/fulldisclosure/2021/Sep/0http://secunia.com/advisories/52817http://secunia.com/advisories/55113http://sourceware.org/bugzilla/show_bug.cgi?id=15330http://sourceware.org/git/?p=glibc.git%3Ba=commitdiff%3Bh=1cef1b19089528db11f221e938f60b9b048945d7https://security.gentoo.org/glsa/201503-04http://www.mandriva.com/security/advisories?name=MDVSA-2013:163