NVD

Id
21119  
Name
CVE-2016-6318  
Description
Stack-based buffer overflow in the FascistGecosUser function in lib/fascist.c in cracklib allows local users to cause a denial of service (application crash) or gain privileges via a long GECOS field, involving longbuffer.  
Reject
 
CVSS Version
2  
CVSS Score
7.2  
Severity
High  
CVSS Base Score
7.2  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
3.9  
CVSS Vector
(AV:L/AC:L/Au:N/C:C/I:C/A:C)  
Pub Date
2017-01-19  
Published
2016-09-07  
Modified Date
2016-11-28  
Seq
2016-6318  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
114995 21119 CVE-2016-6318 openSUSE-SU-2016:2204  View
114996 21119 CVE-2016-6318 [oss-security] 20160816 cracklib: Stack-based buffer overflow when parsing large GECOS field  View
114997 21119 CVE-2016-6318 92478  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
3798 JVNDB-2016-004571 CrackLib の lib/fascist.c の FascistGecosUser 関数におけるスタックベースのバッファオーバーフローの脆弱性 CrackLib の lib/fascist.c の FascistGecosUser 関数には、LongBuffer に関連して、スタックベースのバッファオーバーフローの脆弱性が存在します。 CVE-2016-6318 92825 CVE-2016-6318 21119 7.2 7.8 http://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-004571.html 2016-08-31 2016-09-09 View