ID CVE-2009-3736
Summary ltdl.c in libltdl in GNU Libtool 1.5.x, and 2.2.6 before 2.2.6b, as used in Ham Radio Control Libraries, Q, and possibly other products, attempts to open a .la file in the current working directory, which allows local users to gain privileges via a Trojan horse file.
References
Vulnerable Configurations
  • cpe:2.3:a:gnu:libtool:1.5:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:libtool:1.5:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:libtool:1.5.2:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:libtool:1.5.2:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:libtool:1.5.4:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:libtool:1.5.4:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:libtool:1.5.6:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:libtool:1.5.6:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:libtool:1.5.8:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:libtool:1.5.8:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:libtool:1.5.10:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:libtool:1.5.10:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:libtool:1.5.12:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:libtool:1.5.12:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:libtool:1.5.14:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:libtool:1.5.14:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:libtool:1.5.16:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:libtool:1.5.16:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:libtool:1.5.18:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:libtool:1.5.18:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:libtool:1.5.20:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:libtool:1.5.20:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:libtool:1.5.22:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:libtool:1.5.22:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:libtool:1.5.24:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:libtool:1.5.24:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:libtool:1.5.26:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:libtool:1.5.26:*:*:*:*:*:*:*
  • cpe:2.3:a:gnu:libtool:2.2.6a:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:libtool:2.2.6a:*:*:*:*:*:*:*
CVSS
Base: 6.9 (as of 19-09-2017 - 01:29)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
LOCAL MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:L/AC:M/Au:N/C:C/I:C/A:C
oval via4
  • accepted 2013-04-29T04:15:19.827-04:00
    class vulnerability
    contributors
    • name Aharon Chernin
      organization SCAP.com, LLC
    • name Dragos Prisaca
      organization G2, Inc.
    definition_extensions
    • comment The operating system installed on the system is Red Hat Enterprise Linux 3
      oval oval:org.mitre.oval:def:11782
    • comment CentOS Linux 3.x
      oval oval:org.mitre.oval:def:16651
    • comment The operating system installed on the system is Red Hat Enterprise Linux 4
      oval oval:org.mitre.oval:def:11831
    • comment CentOS Linux 4.x
      oval oval:org.mitre.oval:def:16636
    • comment Oracle Linux 4.x
      oval oval:org.mitre.oval:def:15990
    • comment The operating system installed on the system is Red Hat Enterprise Linux 5
      oval oval:org.mitre.oval:def:11414
    • comment The operating system installed on the system is CentOS Linux 5.x
      oval oval:org.mitre.oval:def:15802
    • comment Oracle Linux 5.x
      oval oval:org.mitre.oval:def:15459
    description ltdl.c in libltdl in GNU Libtool 1.5.x, and 2.2.6 before 2.2.6b, as used in Ham Radio Control Libraries, Q, and possibly other products, attempts to open a .la file in the current working directory, which allows local users to gain privileges via a Trojan horse file.
    family unix
    id oval:org.mitre.oval:def:11687
    status accepted
    submitted 2010-07-09T03:56:16-04:00
    title ltdl.c in libltdl in GNU Libtool 1.5.x, and 2.2.6 before 2.2.6b, as used in Ham Radio Control Libraries and possibly other products, attempts to open a .la file in the current working directory, which allows local users to gain privileges via a Trojan horse file.
    version 25
  • accepted 2014-01-20T04:01:30.438-05:00
    class vulnerability
    contributors
    • name J. Daniel Brown
      organization DTCC
    • name Chris Coffin
      organization The MITRE Corporation
    definition_extensions
    comment VMware ESX Server 4.0 is installed
    oval oval:org.mitre.oval:def:6293
    description ltdl.c in libltdl in GNU Libtool 1.5.x, and 2.2.6 before 2.2.6b, as used in Ham Radio Control Libraries, Q, and possibly other products, attempts to open a .la file in the current working directory, which allows local users to gain privileges via a Trojan horse file.
    family unix
    id oval:org.mitre.oval:def:6951
    status accepted
    submitted 2010-06-01T17:30:00.000-05:00
    title GNU Libtool 'libltdl' Library Search Path Local Privilege Escalation Vulnerability
    version 9
redhat via4
advisories
  • bugzilla
    id 537941
    title CVE-2009-3736 libtool: libltdl may load and execute code from a library in the current directory
    oval
    OR
    • AND
      • comment Red Hat Enterprise Linux 3 is installed
        oval oval:com.redhat.rhba:tst:20070026001
      • OR
        • AND
          • comment libtool is earlier than 0:1.4.3-7
            oval oval:com.redhat.rhsa:tst:20091646002
          • comment libtool is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20091646003
        • AND
          • comment libtool-libs is earlier than 0:1.4.3-7
            oval oval:com.redhat.rhsa:tst:20091646004
          • comment libtool-libs is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20091646005
    • AND
      • comment Red Hat Enterprise Linux 4 is installed
        oval oval:com.redhat.rhba:tst:20070304001
      • OR
        • AND
          • comment libtool is earlier than 0:1.5.6-5.el4_8
            oval oval:com.redhat.rhsa:tst:20091646007
          • comment libtool is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20091646003
        • AND
          • comment libtool-libs is earlier than 0:1.5.6-5.el4_8
            oval oval:com.redhat.rhsa:tst:20091646008
          • comment libtool-libs is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20091646005
    • AND
      • comment Red Hat Enterprise Linux 5 is installed
        oval oval:com.redhat.rhba:tst:20070331001
      • OR
        • AND
          • comment libtool is earlier than 0:1.5.22-7.el5_4
            oval oval:com.redhat.rhsa:tst:20091646010
          • comment libtool is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20091646011
        • AND
          • comment libtool-ltdl is earlier than 0:1.5.22-7.el5_4
            oval oval:com.redhat.rhsa:tst:20091646014
          • comment libtool-ltdl is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20091646015
        • AND
          • comment libtool-ltdl-devel is earlier than 0:1.5.22-7.el5_4
            oval oval:com.redhat.rhsa:tst:20091646012
          • comment libtool-ltdl-devel is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20091646013
    rhsa
    id RHSA-2009:1646
    released 2009-12-08
    severity Moderate
    title RHSA-2009:1646: libtool security update (Moderate)
  • bugzilla
    id 537941
    title CVE-2009-3736 libtool: libltdl may load and execute code from a library in the current directory
    oval
    OR
    • AND
      • comment Red Hat Enterprise Linux 3 is installed
        oval oval:com.redhat.rhba:tst:20070026001
      • OR
        • AND
          • comment cpp is earlier than 0:3.2.3-60
            oval oval:com.redhat.rhsa:tst:20100039024
          • comment cpp is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070220023
        • AND
          • comment gcc is earlier than 0:3.2.3-60
            oval oval:com.redhat.rhsa:tst:20100039002
          • comment gcc is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070220003
        • AND
          • comment gcc-c++ is earlier than 0:3.2.3-60
            oval oval:com.redhat.rhsa:tst:20100039008
          • comment gcc-c++ is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070220015
        • AND
          • comment gcc-c++-ppc32 is earlier than 0:3.2.3-60
            oval oval:com.redhat.rhsa:tst:20100039006
          • comment gcc-c++-ppc32 is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070220029
        • AND
          • comment gcc-g77 is earlier than 0:3.2.3-60
            oval oval:com.redhat.rhsa:tst:20100039032
          • comment gcc-g77 is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070220031
        • AND
          • comment gcc-gnat is earlier than 0:3.2.3-60
            oval oval:com.redhat.rhsa:tst:20100039016
          • comment gcc-gnat is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070220027
        • AND
          • comment gcc-java is earlier than 0:3.2.3-60
            oval oval:com.redhat.rhsa:tst:20100039030
          • comment gcc-java is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070220005
        • AND
          • comment gcc-objc is earlier than 0:3.2.3-60
            oval oval:com.redhat.rhsa:tst:20100039034
          • comment gcc-objc is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070220007
        • AND
          • comment gcc-ppc32 is earlier than 0:3.2.3-60
            oval oval:com.redhat.rhsa:tst:20100039028
          • comment gcc-ppc32 is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070220011
        • AND
          • comment libf2c is earlier than 0:3.2.3-60
            oval oval:com.redhat.rhsa:tst:20100039018
          • comment libf2c is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070220035
        • AND
          • comment libgcc is earlier than 0:3.2.3-60
            oval oval:com.redhat.rhsa:tst:20100039026
          • comment libgcc is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070220017
        • AND
          • comment libgcj is earlier than 0:3.2.3-60
            oval oval:com.redhat.rhsa:tst:20100039022
          • comment libgcj is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070220033
        • AND
          • comment libgcj-devel is earlier than 0:3.2.3-60
            oval oval:com.redhat.rhsa:tst:20100039012
          • comment libgcj-devel is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070220025
        • AND
          • comment libgnat is earlier than 0:3.2.3-60
            oval oval:com.redhat.rhsa:tst:20100039020
          • comment libgnat is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070220021
        • AND
          • comment libobjc is earlier than 0:3.2.3-60
            oval oval:com.redhat.rhsa:tst:20100039010
          • comment libobjc is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070220019
        • AND
          • comment libstdc++ is earlier than 0:3.2.3-60
            oval oval:com.redhat.rhsa:tst:20100039004
          • comment libstdc++ is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070220013
        • AND
          • comment libstdc++-devel is earlier than 0:3.2.3-60
            oval oval:com.redhat.rhsa:tst:20100039014
          • comment libstdc++-devel is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070220009
    • AND
      • comment Red Hat Enterprise Linux 4 is installed
        oval oval:com.redhat.rhba:tst:20070304001
      • OR
        • AND
          • comment gcc4 is earlier than 0:4.1.2-44.EL4_8.1
            oval oval:com.redhat.rhsa:tst:20100039037
          • comment gcc4 is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20100039038
        • AND
          • comment gcc4-c++ is earlier than 0:4.1.2-44.EL4_8.1
            oval oval:com.redhat.rhsa:tst:20100039055
          • comment gcc4-c++ is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20100039056
        • AND
          • comment gcc4-gfortran is earlier than 0:4.1.2-44.EL4_8.1
            oval oval:com.redhat.rhsa:tst:20100039045
          • comment gcc4-gfortran is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20100039046
        • AND
          • comment gcc4-java is earlier than 0:4.1.2-44.EL4_8.1
            oval oval:com.redhat.rhsa:tst:20100039053
          • comment gcc4-java is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20100039054
        • AND
          • comment libgcj4 is earlier than 0:4.1.2-44.EL4_8.1
            oval oval:com.redhat.rhsa:tst:20100039049
          • comment libgcj4 is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20100039050
        • AND
          • comment libgcj4-devel is earlier than 0:4.1.2-44.EL4_8.1
            oval oval:com.redhat.rhsa:tst:20100039039
          • comment libgcj4-devel is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20100039040
        • AND
          • comment libgcj4-src is earlier than 0:4.1.2-44.EL4_8.1
            oval oval:com.redhat.rhsa:tst:20100039041
          • comment libgcj4-src is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20100039042
        • AND
          • comment libgfortran is earlier than 0:4.1.2-44.EL4_8.1
            oval oval:com.redhat.rhsa:tst:20100039051
          • comment libgfortran is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20100039052
        • AND
          • comment libgomp is earlier than 0:4.1.2-44.EL4_8.1
            oval oval:com.redhat.rhsa:tst:20100039043
          • comment libgomp is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20100039044
        • AND
          • comment libmudflap is earlier than 0:4.1.2-44.EL4_8.1
            oval oval:com.redhat.rhsa:tst:20100039057
          • comment libmudflap is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20100039058
        • AND
          • comment libmudflap-devel is earlier than 0:4.1.2-44.EL4_8.1
            oval oval:com.redhat.rhsa:tst:20100039047
          • comment libmudflap-devel is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20100039048
        • AND
          • comment cpp is earlier than 0:3.4.6-11.el4_8.1
            oval oval:com.redhat.rhsa:tst:20100039067
          • comment cpp is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070220023
        • AND
          • comment gcc is earlier than 0:3.4.6-11.el4_8.1
            oval oval:com.redhat.rhsa:tst:20100039059
          • comment gcc is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070220003
        • AND
          • comment gcc-c++ is earlier than 0:3.4.6-11.el4_8.1
            oval oval:com.redhat.rhsa:tst:20100039060
          • comment gcc-c++ is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070220015
        • AND
          • comment gcc-c++-ppc32 is earlier than 0:3.4.6-11.el4_8.1
            oval oval:com.redhat.rhsa:tst:20100039066
          • comment gcc-c++-ppc32 is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070220029
        • AND
          • comment gcc-g77 is earlier than 0:3.4.6-11.el4_8.1
            oval oval:com.redhat.rhsa:tst:20100039062
          • comment gcc-g77 is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070220031
        • AND
          • comment gcc-gnat is earlier than 0:3.4.6-11.el4_8.1
            oval oval:com.redhat.rhsa:tst:20100039074
          • comment gcc-gnat is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070220027
        • AND
          • comment gcc-java is earlier than 0:3.4.6-11.el4_8.1
            oval oval:com.redhat.rhsa:tst:20100039068
          • comment gcc-java is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070220005
        • AND
          • comment gcc-objc is earlier than 0:3.4.6-11.el4_8.1
            oval oval:com.redhat.rhsa:tst:20100039071
          • comment gcc-objc is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070220007
        • AND
          • comment gcc-ppc32 is earlier than 0:3.4.6-11.el4_8.1
            oval oval:com.redhat.rhsa:tst:20100039069
          • comment gcc-ppc32 is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070220011
        • AND
          • comment libf2c is earlier than 0:3.4.6-11.el4_8.1
            oval oval:com.redhat.rhsa:tst:20100039065
          • comment libf2c is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070220035
        • AND
          • comment libgcc is earlier than 0:3.4.6-11.el4_8.1
            oval oval:com.redhat.rhsa:tst:20100039063
          • comment libgcc is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070220017
        • AND
          • comment libgcj is earlier than 0:3.4.6-11.el4_8.1
            oval oval:com.redhat.rhsa:tst:20100039075
          • comment libgcj is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070220033
        • AND
          • comment libgcj-devel is earlier than 0:3.4.6-11.el4_8.1
            oval oval:com.redhat.rhsa:tst:20100039073
          • comment libgcj-devel is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070220025
        • AND
          • comment libgnat is earlier than 0:3.4.6-11.el4_8.1
            oval oval:com.redhat.rhsa:tst:20100039070
          • comment libgnat is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070220021
        • AND
          • comment libobjc is earlier than 0:3.4.6-11.el4_8.1
            oval oval:com.redhat.rhsa:tst:20100039072
          • comment libobjc is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070220019
        • AND
          • comment libstdc++ is earlier than 0:3.4.6-11.el4_8.1
            oval oval:com.redhat.rhsa:tst:20100039064
          • comment libstdc++ is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070220013
        • AND
          • comment libstdc++-devel is earlier than 0:3.4.6-11.el4_8.1
            oval oval:com.redhat.rhsa:tst:20100039061
          • comment libstdc++-devel is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070220009
    • AND
      • comment Red Hat Enterprise Linux 5 is installed
        oval oval:com.redhat.rhba:tst:20070331001
      • OR
        • AND
          • comment cpp is earlier than 0:4.1.2-46.el5_4.2
            oval oval:com.redhat.rhsa:tst:20100039105
          • comment cpp is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20100039106
        • AND
          • comment gcc is earlier than 0:4.1.2-46.el5_4.2
            oval oval:com.redhat.rhsa:tst:20100039077
          • comment gcc is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20100039078
        • AND
          • comment gcc-c++ is earlier than 0:4.1.2-46.el5_4.2
            oval oval:com.redhat.rhsa:tst:20100039081
          • comment gcc-c++ is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20100039082
        • AND
          • comment gcc-gfortran is earlier than 0:4.1.2-46.el5_4.2
            oval oval:com.redhat.rhsa:tst:20100039079
          • comment gcc-gfortran is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20100039080
        • AND
          • comment gcc-gnat is earlier than 0:4.1.2-46.el5_4.2
            oval oval:com.redhat.rhsa:tst:20100039113
          • comment gcc-gnat is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20100039114
        • AND
          • comment gcc-java is earlier than 0:4.1.2-46.el5_4.2
            oval oval:com.redhat.rhsa:tst:20100039103
          • comment gcc-java is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20100039104
        • AND
          • comment gcc-objc is earlier than 0:4.1.2-46.el5_4.2
            oval oval:com.redhat.rhsa:tst:20100039093
          • comment gcc-objc is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20100039094
        • AND
          • comment gcc-objc++ is earlier than 0:4.1.2-46.el5_4.2
            oval oval:com.redhat.rhsa:tst:20100039109
          • comment gcc-objc++ is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20100039110
        • AND
          • comment libgcc is earlier than 0:4.1.2-46.el5_4.2
            oval oval:com.redhat.rhsa:tst:20100039097
          • comment libgcc is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20100039098
        • AND
          • comment libgcj is earlier than 0:4.1.2-46.el5_4.2
            oval oval:com.redhat.rhsa:tst:20100039099
          • comment libgcj is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20100039100
        • AND
          • comment libgcj-devel is earlier than 0:4.1.2-46.el5_4.2
            oval oval:com.redhat.rhsa:tst:20100039101
          • comment libgcj-devel is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20100039102
        • AND
          • comment libgcj-src is earlier than 0:4.1.2-46.el5_4.2
            oval oval:com.redhat.rhsa:tst:20100039085
          • comment libgcj-src is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20100039086
        • AND
          • comment libgfortran is earlier than 0:4.1.2-46.el5_4.2
            oval oval:com.redhat.rhsa:tst:20100039107
          • comment libgfortran is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20100039108
        • AND
          • comment libgnat is earlier than 0:4.1.2-46.el5_4.2
            oval oval:com.redhat.rhsa:tst:20100039111
          • comment libgnat is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20100039112
        • AND
          • comment libmudflap is earlier than 0:4.1.2-46.el5_4.2
            oval oval:com.redhat.rhsa:tst:20100039083
          • comment libmudflap is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20100039084
        • AND
          • comment libmudflap-devel is earlier than 0:4.1.2-46.el5_4.2
            oval oval:com.redhat.rhsa:tst:20100039087
          • comment libmudflap-devel is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20100039088
        • AND
          • comment libobjc is earlier than 0:4.1.2-46.el5_4.2
            oval oval:com.redhat.rhsa:tst:20100039095
          • comment libobjc is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20100039096
        • AND
          • comment libstdc++ is earlier than 0:4.1.2-46.el5_4.2
            oval oval:com.redhat.rhsa:tst:20100039091
          • comment libstdc++ is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20100039092
        • AND
          • comment libstdc++-devel is earlier than 0:4.1.2-46.el5_4.2
            oval oval:com.redhat.rhsa:tst:20100039089
          • comment libstdc++-devel is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20100039090
    rhsa
    id RHSA-2010:0039
    released 2010-01-13
    severity Moderate
    title RHSA-2010:0039: gcc and gcc4 security update (Moderate)
  • rhsa
    id RHSA-2010:0095
rpms
  • libtool-0:1.4.3-7
  • libtool-libs-0:1.4.3-7
  • libtool-0:1.5.6-5.el4_8
  • libtool-libs-0:1.5.6-5.el4_8
  • libtool-0:1.5.22-7.el5_4
  • libtool-ltdl-0:1.5.22-7.el5_4
  • libtool-ltdl-devel-0:1.5.22-7.el5_4
  • cpp-0:3.2.3-60
  • gcc-0:3.2.3-60
  • gcc-c++-0:3.2.3-60
  • gcc-c++-ppc32-0:3.2.3-60
  • gcc-g77-0:3.2.3-60
  • gcc-gnat-0:3.2.3-60
  • gcc-java-0:3.2.3-60
  • gcc-objc-0:3.2.3-60
  • gcc-ppc32-0:3.2.3-60
  • libf2c-0:3.2.3-60
  • libgcc-0:3.2.3-60
  • libgcj-0:3.2.3-60
  • libgcj-devel-0:3.2.3-60
  • libgnat-0:3.2.3-60
  • libobjc-0:3.2.3-60
  • libstdc++-0:3.2.3-60
  • libstdc++-devel-0:3.2.3-60
  • gcc4-0:4.1.2-44.EL4_8.1
  • gcc4-c++-0:4.1.2-44.EL4_8.1
  • gcc4-gfortran-0:4.1.2-44.EL4_8.1
  • gcc4-java-0:4.1.2-44.EL4_8.1
  • libgcj4-0:4.1.2-44.EL4_8.1
  • libgcj4-devel-0:4.1.2-44.EL4_8.1
  • libgcj4-src-0:4.1.2-44.EL4_8.1
  • libgfortran-0:4.1.2-44.EL4_8.1
  • libgomp-0:4.1.2-44.EL4_8.1
  • libmudflap-0:4.1.2-44.EL4_8.1
  • libmudflap-devel-0:4.1.2-44.EL4_8.1
  • cpp-0:3.4.6-11.el4_8.1
  • gcc-0:3.4.6-11.el4_8.1
  • gcc-c++-0:3.4.6-11.el4_8.1
  • gcc-c++-ppc32-0:3.4.6-11.el4_8.1
  • gcc-g77-0:3.4.6-11.el4_8.1
  • gcc-gnat-0:3.4.6-11.el4_8.1
  • gcc-java-0:3.4.6-11.el4_8.1
  • gcc-objc-0:3.4.6-11.el4_8.1
  • gcc-ppc32-0:3.4.6-11.el4_8.1
  • libf2c-0:3.4.6-11.el4_8.1
  • libgcc-0:3.4.6-11.el4_8.1
  • libgcj-0:3.4.6-11.el4_8.1
  • libgcj-devel-0:3.4.6-11.el4_8.1
  • libgnat-0:3.4.6-11.el4_8.1
  • libobjc-0:3.4.6-11.el4_8.1
  • libstdc++-0:3.4.6-11.el4_8.1
  • libstdc++-devel-0:3.4.6-11.el4_8.1
  • cpp-0:4.1.2-46.el5_4.2
  • gcc-0:4.1.2-46.el5_4.2
  • gcc-c++-0:4.1.2-46.el5_4.2
  • gcc-gfortran-0:4.1.2-46.el5_4.2
  • gcc-gnat-0:4.1.2-46.el5_4.2
  • gcc-java-0:4.1.2-46.el5_4.2
  • gcc-objc-0:4.1.2-46.el5_4.2
  • gcc-objc++-0:4.1.2-46.el5_4.2
  • libgcc-0:4.1.2-46.el5_4.2
  • libgcj-0:4.1.2-46.el5_4.2
  • libgcj-devel-0:4.1.2-46.el5_4.2
  • libgcj-src-0:4.1.2-46.el5_4.2
  • libgfortran-0:4.1.2-46.el5_4.2
  • libgnat-0:4.1.2-46.el5_4.2
  • libmudflap-0:4.1.2-46.el5_4.2
  • libmudflap-devel-0:4.1.2-46.el5_4.2
  • libobjc-0:4.1.2-46.el5_4.2
  • libstdc++-0:4.1.2-46.el5_4.2
  • libstdc++-devel-0:4.1.2-46.el5_4.2
refmap via4
bid 37128
confirm
fedora
  • FEDORA-2009-12813
  • FEDORA-2010-1872
  • FEDORA-2010-1924
  • FEDORA-2011-1958
  • FEDORA-2011-1967
  • FEDORA-2011-1990
gentoo GLSA-201311-10
mandriva
  • MDVSA-2009:307
  • MDVSA-2010:035
  • MDVSA-2010:091
  • MDVSA-2010:105
mlist
  • [libtool] 20091116 Backport of libltdl changes to branch-1-5
  • [libtool] 20091116 GNU Libtool 2.2.6b released
secunia
  • 37414
  • 37489
  • 37997
  • 38190
  • 38577
  • 38617
  • 38696
  • 38915
  • 39299
  • 39347
  • 43617
  • 55721
suse SUSE-SR:2010:006
vupen ADV-2011-0574
Last major update 19-09-2017 - 01:29
Published 29-11-2009 - 13:07
Back to Top