CVE-2013-4357

HIGH

Eglibc < 2.14 - Buffer Overflow

Title source: rule

Description

The eglibc package before 2.14 incorrectly handled the getaddrinfo() function. An attacker could use this issue to cause a denial of service.

References (15)

Core 15

Core References

Third Party Advisory x_refsource_misc

https://security-tracker.debian.org/tracker/CVE-2013-4357

Issue Tracking, Third Party Advisory x_refsource_misc

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4357

Exploit, Issue Tracking, Third Party Advisory x_refsource_misc

https://bugzilla.suse.com/show_bug.cgi?id=CVE-2013-4357

Third Party Advisory x_refsource_misc

https://access.redhat.com/security/cve/cve-2013-4357

Exploit, Mailing List, Patch, Third Party Advisory x_refsource_misc

http://www.openwall.com/lists/oss-security/2015/01/28/18

Exploit, Mailing List, Patch, Third Party Advisory x_refsource_misc

http://www.openwall.com/lists/oss-security/2015/01/29/21

Mailing List, Third Party Advisory x_refsource_misc

http://www.openwall.com/lists/oss-security/2015/02/24/3

Third Party Advisory, VDB Entry x_refsource_misc

https://exchange.xforce.ibmcloud.com/vulnerabilities/95103

Issue Tracking, Patch, Third Party Advisory x_refsource_misc

http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00020.html

Mailing List, Third Party Advisory x_refsource_misc

http://www.openwall.com/lists/oss-security/2013/09/17/4

Mailing List, Third Party Advisory x_refsource_misc

http://www.openwall.com/lists/oss-security/2013/09/17/8

Third Party Advisory, VDB Entry x_refsource_misc

http://www.securityfocus.com/bid/67992

Third Party Advisory x_refsource_misc

http://www.ubuntu.com/usn/USN-2306-1

Third Party Advisory x_refsource_misc

http://www.ubuntu.com/usn/USN-2306-2

Third Party Advisory x_refsource_misc

http://www.ubuntu.com/usn/USN-2306-3

Scores

CVSS v3 7.5

EPSS 0.0118

EPSS Percentile 78.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-120

Status published

Products (9)

canonical/ubuntu_linux 10.04

canonical/ubuntu_linux 12.04

canonical/ubuntu_linux 14.04

debian/debian_linux 6.0

debian/debian_linux 7.0

eglibc/eglibc < 2.14

fedoraproject/fedora 18

fedoraproject/fedora 19

novell/suse_linux_enterprise_server 11.0 sp2

Published Dec 31, 2019

Tracked Since Feb 18, 2026