Executive Summary

Informations
Name CVE-2010-3847 First vendor Publication 2011-01-07
Vendor Cve Last vendor Modification 2011-03-07

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score 6.9 Attack Range Local
Cvss Impact Score 10 Attack Complexity Medium
Cvss Expoit Score 3.4 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

elf/dl-load.c in ld.so in the GNU C Library (aka glibc or libc6) through 2.11.2, and 2.12.x through 2.12.1, does not properly handle a value of $ORIGIN for the LD_AUDIT environment variable, which allows local users to gain privileges via a crafted dynamic shared object (DSO) located in an arbitrary directory.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3847

CWE : Common Weakness Enumeration

idName
CWE-59Improper Link Resolution Before File Access ('Link Following')

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:22199
 
Oval ID: oval:org.mitre.oval:def:22199
Title: RHSA-2010:0787: glibc security update (Important)
Description: elf/dl-load.c in ld.so in the GNU C Library (aka glibc or libc6) through 2.11.2, and 2.12.x through 2.12.1, does not properly handle a value of $ORIGIN for the LD_AUDIT environment variable, which allows local users to gain privileges via a crafted dynamic shared object (DSO) located in an arbitrary directory.
Family: unix Class: patch
Reference(s): RHSA-2010:0787-01
CESA-2010:0787
CVE-2010-3847
Version: 4
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Product(s): glibc
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19821
 
Oval ID: oval:org.mitre.oval:def:19821
Title: VMware ESX third party updates for Service Console packages glibc, sudo, and openldap
Description: elf/dl-load.c in ld.so in the GNU C Library (aka glibc or libc6) through 2.11.2, and 2.12.x through 2.12.1, does not properly handle a value of $ORIGIN for the LD_AUDIT environment variable, which allows local users to gain privileges via a crafted dynamic shared object (DSO) located in an arbitrary directory.
Family: unix Class: vulnerability
Reference(s): CVE-2010-3847
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23012
 
Oval ID: oval:org.mitre.oval:def:23012
Title: ELSA-2010:0787: glibc security update (Important)
Description: elf/dl-load.c in ld.so in the GNU C Library (aka glibc or libc6) through 2.11.2, and 2.12.x through 2.12.1, does not properly handle a value of $ORIGIN for the LD_AUDIT environment variable, which allows local users to gain privileges via a crafted dynamic shared object (DSO) located in an arbitrary directory.
Family: unix Class: patch
Reference(s): ELSA-2010:0787-01
CVE-2010-3847
Version: 6
Platform(s): Oracle Linux 5
Product(s): glibc
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application55

ExploitDB Exploits

idDescription
2010-10-22GNU C library dynamic linker LD_AUDIT arbitrary DSO load Vulnerability
2010-10-18GNU C library dynamic linker $ORIGIN expansion Vulnerability

OpenVAS Exploits

DateDescription
2012-07-30Name : CentOS Update for glibc CESA-2011:0412 centos5 x86_64
File : nvt/gb_CESA-2011_0412_glibc_centos5_x86_64.nasl
2012-06-06Name : RedHat Update for glibc RHSA-2011:0413-01
File : nvt/gb_RHSA-2011_0413-01_glibc.nasl
2011-11-28Name : Mandriva Update for glibc MDVSA-2011:178 (glibc)
File : nvt/gb_mandriva_MDVSA_2011_178.nasl
2011-08-09Name : CentOS Update for glibc CESA-2011:0412 centos5 i386
File : nvt/gb_CESA-2011_0412_glibc_centos5_i386.nasl
2011-08-09Name : CentOS Update for glibc CESA-2010:0787 centos5 i386
File : nvt/gb_CESA-2010_0787_glibc_centos5_i386.nasl
2011-04-06Name : RedHat Update for glibc RHSA-2011:0412-01
File : nvt/gb_RHSA-2011_0412-01_glibc.nasl
2011-03-09Name : Gentoo Security Advisory GLSA 201011-01 (glibc)
File : nvt/glsa_201011_01.nasl
2011-03-07Name : Debian Security Advisory DSA 2122-2 (glibc)
File : nvt/deb_2122_2.nasl
2011-01-14Name : Ubuntu Update for eglibc, glibc vulnerability USN-1009-2
File : nvt/gb_ubuntu_USN_1009_2.nasl
2010-12-02Name : Fedora Update for glibc FEDORA-2010-16308
File : nvt/gb_fedora_2010_16308_glibc_fc14.nasl
2010-11-17Name : Debian Security Advisory DSA 2122-1 (glibc)
File : nvt/deb_2122_1.nasl
2010-11-16Name : Fedora Update for glibc FEDORA-2010-16641
File : nvt/gb_fedora_2010_16641_glibc_fc12.nasl
2010-11-16Name : SuSE Update for glibc SUSE-SA:2010:052
File : nvt/gb_suse_2010_052.nasl
2010-11-04Name : Fedora Update for glibc FEDORA-2010-16655
File : nvt/gb_fedora_2010_16655_glibc_fc13.nasl
2010-10-26Name : Ubuntu Update for glibc, eglibc vulnerabilities USN-1009-1
File : nvt/gb_ubuntu_USN_1009_1.nasl
2010-10-26Name : Fedora Update for glibc FEDORA-2010-16594
File : nvt/gb_fedora_2010_16594_glibc_fc13.nasl
2010-10-22Name : RedHat Update for glibc RHSA-2010:0787-01
File : nvt/gb_RHSA-2010_0787-01_glibc.nasl
2010-10-22Name : Mandriva Update for glibc MDVSA-2010:207 (glibc)
File : nvt/gb_mandriva_MDVSA_2010_207.nasl
0000-00-00Name : Slackware Advisory SSA:2010-295-01 glibc
File : nvt/esoft_slk_ssa_2010_295_01.nasl

Open Source Vulnerability Database (OSVDB)

idDescription
68721GNU C Library Dynamic Linker $ORIGIN Substitution Expansion Weakness Local Pr...

Nessus® Vulnerability Scanner

DateDescription
2014-06-13Name : The remote openSUSE host is missing a security update.
File : suse_11_3_glibc-101027.nasl - Type : ACT_GATHER_INFO
2013-12-03Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201312-01.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0412.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0413.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2010-0787.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2010-0872.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20110404_glibc_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20101020_glibc_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20101110_glibc_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2011-11-28Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2011-178.nasl - Type : ACT_GATHER_INFO
2011-04-15Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2011-0412.nasl - Type : ACT_GATHER_INFO
2011-04-05Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0412.nasl - Type : ACT_GATHER_INFO
2011-04-05Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0413.nasl - Type : ACT_GATHER_INFO
2011-01-12Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1009-2.nasl - Type : ACT_GATHER_INFO
2011-01-06Name : The remote VMware ESX host is missing one or more security-related patches.
File : vmware_VMSA-2011-0001.nasl - Type : ACT_GATHER_INFO
2010-12-02Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_glibc-101025.nasl - Type : ACT_GATHER_INFO
2010-11-24Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2010-0787.nasl - Type : ACT_GATHER_INFO
2010-11-18Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0872.nasl - Type : ACT_GATHER_INFO
2010-11-16Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201011-01.nasl - Type : ACT_GATHER_INFO
2010-11-01Name : The remote Fedora host is missing a security update.
File : fedora_2010-16641.nasl - Type : ACT_GATHER_INFO
2010-10-28Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_glibc-7201.nasl - Type : ACT_GATHER_INFO
2010-10-28Name : The remote openSUSE host is missing a security update.
File : suse_11_1_glibc-101026.nasl - Type : ACT_GATHER_INFO
2010-10-28Name : The remote openSUSE host is missing a security update.
File : suse_11_2_glibc-101027.nasl - Type : ACT_GATHER_INFO
2010-10-24Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1009-1.nasl - Type : ACT_GATHER_INFO
2010-10-24Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2010-295-01.nasl - Type : ACT_GATHER_INFO
2010-10-24Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2122.nasl - Type : ACT_GATHER_INFO
2010-10-24Name : The remote Fedora host is missing a security update.
File : fedora_2010-16594.nasl - Type : ACT_GATHER_INFO
2010-10-21Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0787.nasl - Type : ACT_GATHER_INFO
2010-10-21Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2010-207.nasl - Type : ACT_GATHER_INFO
2010-10-20Name : The remote Fedora host is missing a security update.
File : fedora_2010-16308.nasl - Type : ACT_GATHER_INFO

Internal Sources (Detail)

SourceUrl
BID http://www.securityfocus.com/bid/44154
BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/515545/100/0/threaded
CERT-VN http://www.kb.cert.org/vuls/id/537223
CONFIRM http://support.avaya.com/css/P8/documents/100120941
http://www.vmware.com/security/advisories/VMSA-2011-0001.html
https://bugzilla.redhat.com/show_bug.cgi?id=643306
DEBIAN http://www.debian.org/security/2010/dsa-2122
FULLDISC http://seclists.org/fulldisclosure/2010/Oct/257
http://seclists.org/fulldisclosure/2010/Oct/292
http://seclists.org/fulldisclosure/2010/Oct/294
GENTOO http://security.gentoo.org/glsa/glsa-201011-01.xml
MANDRIVA http://www.mandriva.com/security/advisories?name=MDVSA-2010:207
MLIST http://sourceware.org/ml/libc-hacker/2010-10/msg00007.html
REDHAT http://www.redhat.com/support/errata/RHSA-2010-0872.html
https://rhn.redhat.com/errata/RHSA-2010-0787.html
SECUNIA http://secunia.com/advisories/42787
UBUNTU http://www.ubuntu.com/usn/USN-1009-1
VUPEN http://www.vupen.com/english/advisories/2011/0025

Alert History

If you want to see full details history, please login or register.
0
1
2
DateInformations
2014-06-14 13:29:36
  • Multiple Updates
2014-02-17 10:58:06
  • Multiple Updates
2013-05-10 23:34:56
  • Multiple Updates