CVE-2011-2168
Multiple integer overflows in the glob implementation in libc in OpenBSD before 4.9 might allow context-dependent attackers to have an unspecified impact via a crafted string, related to the GLOB_APPEND and GLOB_DOOFFS flags, a different issue than CVE-2011-0418.
| Software | From | Fixed in |
|---|---|---|
| openbsd / openbsd | 4.1 | 4.1.x |
| openbsd / openbsd | 3.7 | 3.7.x |
| openbsd / openbsd | 2.8 | 2.8.x |
| openbsd / openbsd | 3.8 | 3.8.x |
| openbsd / openbsd | 4.4 | 4.4.x |
| openbsd / openbsd | 3.1 | 3.1.x |
| openbsd / openbsd | 3.3 | 3.3.x |
| openbsd / openbsd | 2.9 | 2.9.x |
| openbsd / openbsd | 4.7 | 4.7.x |
| openbsd / openbsd | 2.1 | 2.1.x |
| openbsd / openbsd | 2.2 | 2.2.x |
| openbsd / openbsd | 3.9 | 3.9.x |
| openbsd / openbsd | 2.0 | 2.0.x |
| openbsd / openbsd | 2.7 | 2.7.x |
| openbsd / openbsd | 3.2 | 3.2.x |
| openbsd / openbsd | 4.5 | 4.5.x |
| openbsd / openbsd | 2.4 | 2.4.x |
| openbsd / openbsd | 4.2 | 4.2.x |
| openbsd / openbsd | 3.6 | 3.6.x |
| openbsd / openbsd | 3.0 | 3.0.x |
| openbsd / openbsd | 4.0 | 4.0.x |
| openbsd / openbsd | 3.5 | 3.5.x |
| openbsd / openbsd | 2.6 | 2.6.x |
| openbsd / openbsd | 4.3 | 4.3.x |
| openbsd / openbsd | 2.5 | 2.5.x |
| openbsd / openbsd | 4.6 | 4.6.x |
| openbsd / openbsd | 2.3 | 2.3.x |
| openbsd / openbsd | - | 4.8.x |
| openbsd / openbsd | 3.4 | 3.4.x |
- http://securityreason.com/achievement_securityalert/97
- http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libc/gen/glob.c.diff?r1=1.34;r2=1.35;f=h
- http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libc/gen/glob.c.diff?r1=1.34%3Br2=1.35%3Bf=h
- http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libc/gen/glob.c#rev1.35
- http://www.securityfocus.com/bid/48004
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime