CVE-2016-6318 : Stack-based buffer overflow in the FascistGecosUser function in lib/fascist.c in

Stack-based buffer overflow in the FascistGecosUser function in lib/fascist.c in cracklib allows local users to cause a denial of service (application crash) or gain privileges via a long GECOS field, involving longbuffer.

Published 2016-09-07 19:28:12

Updated 2023-02-12 23:24:54

Source Red Hat, Inc.

View at NVD, CVE.org

Vulnerability category: OverflowMemory CorruptionDenial of service

Products affected by CVE-2016-6318

Debian » Debian Linux » Version: 8.0
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
Matching versions
Opensuse » Leap » Version: 42.1
cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
Matching versions
Cracklib Project » Cracklib
Versions from including (>=) 2.9.0 and before (<) 2.9.6
cpe:2.3:a:cracklib_project:cracklib:*:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2016-6318

EPSS FAQ

0.18%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 38 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2016-6318

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
7.2	HIGH	AV:L/AC:L/Au:N/C:C/I:C/A:C	3.9	10.0	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete
7.8	HIGH	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H	1.8	5.9	NIST
Attack Vector: Local Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2016-6318

CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2016-6318

https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E

[GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8 -Apache Mail Archives

CVEs referencing this url
http://www.openwall.com/lists/oss-security/2016/08/16/2

oss-security - cracklib: Stack-based buffer overflow when parsing large GECOS field
Mailing List;Third Party Advisory
https://lists.debian.org/debian-lts-announce/2020/05/msg00023.html

[SECURITY] [DLA 2220-1] cracklib2 security update
Mailing List;Third Party Advisory
https://security.gentoo.org/glsa/201612-25

CrackLib: Buffer overflow (GLSA 201612-25) — Gentoo security
Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2016-08/msg00122.html

openSUSE-SU-2016:2204-1: moderate: Security update for cracklib
Mailing List;Third Party Advisory
http://www.securityfocus.com/bid/92478

cracklib CVE-2016-6318 Local Stack Buffer Overflow Vulnerability
Third Party Advisory;VDB Entry
https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E

[GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8 -Apache Mail Archives

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2016-6318

Products affected by CVE-2016-6318

Exploit prediction scoring system (EPSS) score for CVE-2016-6318

CVSS scores for CVE-2016-6318

CWE ids for CVE-2016-6318

References for CVE-2016-6318