Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 386313 (CVE-2010-4756)

Summary: sys-libs/glibc: Denial of Service (CVE-2010-4756)
Product: Gentoo Security Reporter: GLSAMaker/CVETool Bot <glsamaker>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED WORKSFORME    
Severity: normal    
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard: A3 [upstream]
Package list:
Runtime testing required: ---

Description GLSAMaker/CVETool Bot gentoo-dev 2011-10-08 14:02:32 UTC 
CVE-2010-4756 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4756):
  The glob implementation in the GNU C Library (aka glibc or libc6) allows
  remote authenticated users to cause a denial of service (CPU and memory
  consumption) via crafted glob expressions that do not match any pathnames,
  as demonstrated by glob expressions in STAT commands to an FTP daemon, a
  different vulnerability than CVE-2010-2632.
Comment 1 SpanKY gentoo-dev 2012-04-13 23:43:27 UTC 
sounds like Bug 340061.  so i would punt this for the same reason.
Comment 2 Mark Loeser (RETIRED) gentoo-dev 2013-02-22 23:23:36 UTC 
Agreed.  Nothing toolchain is going to do on this one.