{ "schema_version": "1.4.0", "id": "GHSA-f7mv-c94v-v96r", "modified": "2022-05-13T01:09:04Z", "published": "2022-05-13T01:09:04Z", "aliases": [ "CVE-2016-6318" ], "details": "Stack-based buffer overflow in the FascistGecosUser function in lib/fascist.c in cracklib allows local users to cause a denial of service (application crash) or gain privileges via a long GECOS field, involving longbuffer.", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "affected": [], "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6318" }, { "type": "WEB", "url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E" }, { "type": "WEB", "url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E" }, { "type": "WEB", "url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E" }, { "type": "WEB", "url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E" }, { "type": "WEB", "url": "https://lists.debian.org/debian-lts-announce/2020/05/msg00023.html" }, { "type": "WEB", "url": "https://security.gentoo.org/glsa/201612-25" }, { "type": "WEB", "url": "http://lists.opensuse.org/opensuse-updates/2016-08/msg00122.html" }, { "type": "WEB", "url": "http://www.openwall.com/lists/oss-security/2016/08/16/2" }, { "type": "WEB", "url": "http://www.securityfocus.com/bid/92478" } ], "database_specific": { "cwe_ids": [ "CWE-787" ], "severity": "HIGH", "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2016-09-07T19:28:00Z" } }