ID CVE-2011-0536
Summary Multiple untrusted search path vulnerabilities in elf/dl-object.c in certain modified versions of the GNU C Library (aka glibc or libc6), including glibc-2.5-49.el5_5.6 and glibc-2.12-1.7.el6_0.3 in Red Hat Enterprise Linux, allow local users to gain privileges via a crafted dynamic shared object (DSO) in a subdirectory of the current working directory during execution of a (1) setuid or (2) setgid program that has $ORIGIN in (a) RPATH or (b) RUNPATH within the program itself or a referenced library. NOTE: this issue exists because of an incorrect fix for CVE-2010-3847. Per: http://cwe.mitre.org/data/definitions/426.html 'CWE-426: Untrusted Search Path'
References
Vulnerable Configurations
  • cpe:2.3:a:gnu:glibc:2.5-49.el5_5.6:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:glibc:2.5-49.el5_5.6:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:glibc:2.12-1.7.el6_0.3:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:glibc:2.12-1.7.el6_0.3:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux:*:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux:*:*:*:*:*:*:*:*
CVSS
Base: 6.9 (as of 09-10-2018 - 19:29)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
LOCAL MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:L/AC:M/Au:N/C:C/I:C/A:C
oval via4
accepted 2011-12-05T04:00:11.149-05:00
class vulnerability
contributors
name Aslesha Nargolkar
organization Hewlett-Packard
definition_extensions
comment VMware ESX Server 4.1 is installed
oval oval:org.mitre.oval:def:13012
description Multiple untrusted search path vulnerabilities in elf/dl-object.c in certain modified versions of the GNU C Library (aka glibc or libc6), including glibc-2.5-49.el5_5.6 and glibc-2.12-1.7.el6_0.3 in Red Hat Enterprise Linux, allow local users to gain privileges via a crafted dynamic shared object (DSO) in a subdirectory of the current working directory during execution of a (1) setuid or (2) setgid program that has $ORIGIN in (a) RPATH or (b) RUNPATH within the program itself or a referenced library. NOTE: this issue exists because of an incorrect fix for CVE-2010-3847.
family unix
id oval:org.mitre.oval:def:13086
status accepted
submitted 2011-09-06T16:14:19.000-05:00
title VMSA-2011-0010 VMware ESX third party updates for Service Console packages glibc and dhcp
version 6
redhat via4
advisories
  • rhsa
    id RHSA-2011:0412
  • rhsa
    id RHSA-2011:0413
rpms
  • glibc-0:2.5-58.el5_6.2
  • glibc-common-0:2.5-58.el5_6.2
  • glibc-devel-0:2.5-58.el5_6.2
  • glibc-headers-0:2.5-58.el5_6.2
  • glibc-utils-0:2.5-58.el5_6.2
  • nscd-0:2.5-58.el5_6.2
  • glibc-0:2.12-1.7.el6_0.5
  • glibc-common-0:2.12-1.7.el6_0.5
  • glibc-devel-0:2.12-1.7.el6_0.5
  • glibc-headers-0:2.12-1.7.el6_0.5
  • glibc-static-0:2.12-1.7.el6_0.5
  • glibc-utils-0:2.12-1.7.el6_0.5
  • nscd-0:2.12-1.7.el6_0.5
refmap via4
bugtraq 20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console
confirm
debian DSA-2122-2
mandriva MDVSA-2011:178
mlist
  • [oss-security] 20110203 CVE request: glibc CVE-2010-3847 fix regression
  • [oss-security] 20110203 Re: CVE request: glibc CVE-2010-3847 fix regression
sectrack 1025289
secunia
  • 43830
  • 43989
  • 46397
ubuntu USN-1009-2
vupen ADV-2011-0863
Last major update 09-10-2018 - 19:29
Published 08-04-2011 - 15:17
Back to Top