PT-2008-6880 · Gnu+2 · Glibc-Source+45

Maksymilian Arciemowicz · Published 1970-01-01 · Updated 2018-10-11 · CVE-2008-1391

CVSS v2.0: 7.5 High
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

libc6 (affected versions not specified)
glibc-source (affected versions not specified)
libc6-i386 (affected versions not specified)
libc6-sparcv9b (affected versions not specified)
libc6-udeb (affected versions not specified)
libc6-mipsn32 (affected versions not specified)
glibc-obsolete (affected versions not specified)
libc6.1-dbg (affected versions not specified)
glibc-doc (affected versions not specified)
libnss-dns-udeb (affected versions not specified)
libc6-dev-sparc64 (affected versions not specified)
libc6.1-prof (affected versions not specified)
libc6-xen (affected versions not specified)
libc6-dev-mips64 (affected versions not specified)
libc6.1-dev (affected versions not specified)
locales-all (affected versions not specified)
libc6-pic (affected versions not specified)
libc6.1-pic (affected versions not specified)
libc6-i686 (affected versions not specified)
nscd (affected versions not specified)
glibc-dceext-32bit (affected versions not specified)
glibc-64bit (affected versions not specified)
libc6-prof (affected versions not specified)
libnss-files-udeb (affected versions not specified)
libc6-amd64 (affected versions not specified)
locales (affected versions not specified)
libc6.1-udeb (affected versions not specified)
libc6-sparc64 (affected versions not specified)
glibc-debuginfo (affected versions not specified)
glibc-devel-64bit (affected versions not specified)
libc6.1 (affected versions not specified)
libc6-dev-s390x (affected versions not specified)
libc6-dev (affected versions not specified)
glibc-profile-64bit (affected versions not specified)
libc6-dev-mipsn32 (affected versions not specified)
libc6-dev-ppc64 (affected versions not specified)
libc6-mips64 (affected versions not specified)
glibc-locale-64bit (affected versions not specified)
libc6-s390x (affected versions not specified)
glibc-dceext (affected versions not specified)
libc6-ppc64 (affected versions not specified)
libc6.1-alphaev67 (affected versions not specified)
libc6-dbg (affected versions not specified)
libc6-dev-amd64 (affected versions not specified)

Description

The issue involves multiple vulnerabilities in various packages of the Debian GNU/Linux and SUSE Linux Enterprise operating systems. These vulnerabilities can lead to breaches of confidentiality, integrity, and availability of protected information. The exploitation of these vulnerabilities can be carried out remotely. In some cases, the vulnerabilities are related to integer overflows in the strfmon function and the printf function, which can allow context-dependent attackers to execute arbitrary code.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

RCE

Weakness Enumeration

Related Identifiers

BDU:2015-01134
BDU:2015-01135
BDU:2015-01136
BDU:2015-01137
BDU:2015-01138
BDU:2015-01139
BDU:2015-01140
BDU:2015-01141
BDU:2015-01142
BDU:2015-01143
BDU:2015-01144
BDU:2015-01145
BDU:2015-01146
BDU:2015-01147
BDU:2015-01148
BDU:2015-01149
BDU:2015-01150
BDU:2015-01151
BDU:2015-01152
BDU:2015-01153
BDU:2015-01154
BDU:2015-01155
BDU:2015-01156
BDU:2015-01157
BDU:2015-01158
BDU:2015-01159
BDU:2015-01160
BDU:2015-01161
BDU:2015-01162
BDU:2015-01163
BDU:2015-01164
BDU:2015-01165
BDU:2015-01166
BDU:2015-01167
BDU:2015-01168
BDU:2015-01169
BDU:2015-01170
BDU:2015-04440
BDU:2015-04441
BDU:2015-04442
BDU:2015-04443
BDU:2015-04444
BDU:2015-04445
BDU:2015-04446
BDU:2015-04447
CVE-2008-1391
DSA-2058-1

Affected Products

Debian
Suse Linux Enterprise
Glibc-64Bit
Glibc-Dceext
Glibc-Dceext-32Bit
Glibc-Debuginfo
Glibc-Devel-64Bit
Glibc-Doc
Glibc-Locale-64Bit
Glibc-Obsolete
Glibc-Profile-64Bit
Glibc-Source
Libc6
Libc6-Amd64
Libc6-Dbg
Libc6-Dev
Libc6-Dev-Amd64
Libc6-Dev-Mips64
Libc6-Dev-Mipsn32
Libc6-Dev-Ppc64
Libc6-Dev-S390X
Libc6-Dev-Sparc64
Libc6-I386
Libc6-I686
Libc6-Mips64
Libc6-Mipsn32
Libc6-Pic
Libc6-Ppc64
Libc6-Prof
Libc6-S390X
Libc6-Sparc64
Libc6-Sparcv9
Libc6-Udeb
Libc6-Xen
Libc6.1
Libc6.1-Alphaev67
Libc6.1-Dbg
Libc6.1-Dev
Libc6.1-Pic
Libc6.1-Prof
Libc6.1-Udeb
Libnss-Dns-Udeb
Libnss-Files-Udeb
Locales
Locales-All
Nscd