Red Hat Security Advisory 2015-1447-01 - The grep utility searches through textual input for lines that contain a match to a specified pattern and then prints the matching lines. The GNU grep utilities include grep, egrep, and fgrep. An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way grep parsed large lines of data. An attacker able to trick a user into running grep on a specially crafted data file could use this flaw to crash grep or, potentially, execute arbitrary code with the privileges of the user running grep. A heap-based buffer overflow flaw was found in the way grep processed certain pattern and text combinations. An attacker able to trick a user into running grep on specially crafted input could use this flaw to crash grep or, potentially, read from uninitialized memory.
01733dd8eba09db69603d8723a645cc4366a7ba2583d5ec88f681ff16540bf66Gentoo Linux Security Advisory 201403-7 - A vulnerability in grep could result in execution of arbitrary code or Denial of Service. Versions less than 2.12 are affected.
3300c2cdba3b6b189e247ca96f92523bfd66af9037dc016c6445c91e715d47bdGrep versions prior to 2.11 suffer from an integer overflow vulnerability.
67807e221404026810de6462ba04065c63a7aa98acbbef641e79defa6bf2a804
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed