Executive Summary

Informations
NameCVE-2010-3856First vendor Publication2011-01-07
VendorCveLast vendor Modification2011-02-12

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score7.2Attack RangeLocal
Cvss Impact Score10Attack ComplexityLow
Cvss Expoit Score3.9AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

ld.so in the GNU C Library (aka glibc or libc6) before 2.11.3, and 2.12.x before 2.12.2, does not properly restrict use of the LD_AUDIT environment variable to reference dynamic shared objects (DSOs) as audit objects, which allows local users to gain privileges by leveraging an unsafe DSO located in a trusted library directory, as demonstrated by libpcprofile.so.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3856

CWE : Common Weakness Enumeration

idName
CWE-264Permissions, Privileges, and Access Controls

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:22327
 
Oval ID: oval:org.mitre.oval:def:22327
Title: RHSA-2010:0872: glibc security and bug fix update (Important)
Description: ld.so in the GNU C Library (aka glibc or libc6) before 2.11.3, and 2.12.x before 2.12.2, does not properly restrict use of the LD_AUDIT environment variable to reference dynamic shared objects (DSOs) as audit objects, which allows local users to gain privileges by leveraging an unsafe DSO located in a trusted library directory, as demonstrated by libpcprofile.so.
Family: unix Class: patch
Reference(s): RHSA-2010:0872-02
CVE-2010-3847
CVE-2010-3856
Version: 29
Platform(s): Red Hat Enterprise Linux 6
Product(s): glibc
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21997
 
Oval ID: oval:org.mitre.oval:def:21997
Title: RHSA-2010:0793: glibc security update (Important)
Description: ld.so in the GNU C Library (aka glibc or libc6) before 2.11.3, and 2.12.x before 2.12.2, does not properly restrict use of the LD_AUDIT environment variable to reference dynamic shared objects (DSOs) as audit objects, which allows local users to gain privileges by leveraging an unsafe DSO located in a trusted library directory, as demonstrated by libpcprofile.so.
Family: unix Class: patch
Reference(s): RHSA-2010:0793-01
CESA-2010:0793
CVE-2010-3856
Version: 4
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Product(s): glibc
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20315
 
Oval ID: oval:org.mitre.oval:def:20315
Title: VMware ESX third party updates for Service Console packages glibc, sudo, and openldap
Description: ld.so in the GNU C Library (aka glibc or libc6) before 2.11.3, and 2.12.x before 2.12.2, does not properly restrict use of the LD_AUDIT environment variable to reference dynamic shared objects (DSOs) as audit objects, which allows local users to gain privileges by leveraging an unsafe DSO located in a trusted library directory, as demonstrated by libpcprofile.so.
Family: unix Class: vulnerability
Reference(s): CVE-2010-3856
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23540
 
Oval ID: oval:org.mitre.oval:def:23540
Title: ELSA-2010:0872: glibc security and bug fix update (Important)
Description: ld.so in the GNU C Library (aka glibc or libc6) before 2.11.3, and 2.12.x before 2.12.2, does not properly restrict use of the LD_AUDIT environment variable to reference dynamic shared objects (DSOs) as audit objects, which allows local users to gain privileges by leveraging an unsafe DSO located in a trusted library directory, as demonstrated by libpcprofile.so.
Family: unix Class: patch
Reference(s): ELSA-2010:0872-02
CVE-2010-3847
CVE-2010-3856
Version: 10
Platform(s): Oracle Linux 6
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22846
 
Oval ID: oval:org.mitre.oval:def:22846
Title: ELSA-2010:0793: glibc security update (Important)
Description: ld.so in the GNU C Library (aka glibc or libc6) before 2.11.3, and 2.12.x before 2.12.2, does not properly restrict use of the LD_AUDIT environment variable to reference dynamic shared objects (DSOs) as audit objects, which allows local users to gain privileges by leveraging an unsafe DSO located in a trusted library directory, as demonstrated by libpcprofile.so.
Family: unix Class: patch
Reference(s): ELSA-2010:0793-01
CVE-2010-3856
Version: 3
Platform(s): Oracle Linux 5
Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application55

ExploitDB Exploits

idDescription
2011-11-10glibc LD_AUDIT arbitrary DSO load Privilege Escalation
2010-10-22GNU C library dynamic linker LD_AUDIT arbitrary DSO load Vulnerability

OpenVAS Exploits

DateDescription
2011-08-09Name : CentOS Update for glibc CESA-2010:0793 centos5 i386
File : nvt/gb_CESA-2010_0793_glibc_centos5_i386.nasl
2011-03-09Name : Gentoo Security Advisory GLSA 201011-01 (glibc)
File : nvt/glsa_201011_01.nasl
2011-03-07Name : Debian Security Advisory DSA 2122-2 (glibc)
File : nvt/deb_2122_2.nasl
2011-01-14Name : Ubuntu Update for eglibc, glibc vulnerability USN-1009-2
File : nvt/gb_ubuntu_USN_1009_2.nasl
2010-12-02Name : Fedora Update for glibc FEDORA-2010-16851
File : nvt/gb_fedora_2010_16851_glibc_fc14.nasl
2010-11-17Name : Debian Security Advisory DSA 2122-1 (glibc)
File : nvt/deb_2122_1.nasl
2010-11-16Name : Fedora Update for glibc FEDORA-2010-16641
File : nvt/gb_fedora_2010_16641_glibc_fc12.nasl
2010-11-16Name : SuSE Update for glibc SUSE-SA:2010:052
File : nvt/gb_suse_2010_052.nasl
2010-11-04Name : RedHat Update for glibc RHSA-2010:0793-01
File : nvt/gb_RHSA-2010_0793-01_glibc.nasl
2010-11-04Name : Fedora Update for glibc FEDORA-2010-16655
File : nvt/gb_fedora_2010_16655_glibc_fc13.nasl
2010-10-26Name : Ubuntu Update for glibc, eglibc vulnerabilities USN-1009-1
File : nvt/gb_ubuntu_USN_1009_1.nasl
2010-10-26Name : Mandriva Update for glibc MDVSA-2010:212 (glibc)
File : nvt/gb_mandriva_MDVSA_2010_212.nasl
0000-00-00Name : Slackware Advisory SSA:2010-301-01 glibc
File : nvt/esoft_slk_ssa_2010_301_01.nasl

Open Source Vulnerability Database (OSVDB)

idDescription
68920GNU C Library Dynamic Linker LD_AUDIT non-setuid Library Loading Issue

Nessus® Vulnerability Scanner

DateDescription
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2010-0793.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2010-0872.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20101110_glibc_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2011-01-12Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1009-2.nasl - Type : ACT_GATHER_INFO
2011-01-06Name : The remote VMware ESX host is missing one or more security-related patches.
File : vmware_VMSA-2011-0001.nasl - Type : ACT_GATHER_INFO
2010-12-02Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_glibc-101025.nasl - Type : ACT_GATHER_INFO
2010-11-24Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2010-0793.nasl - Type : ACT_GATHER_INFO
2010-11-18Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0872.nasl - Type : ACT_GATHER_INFO
2010-11-16Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201011-01.nasl - Type : ACT_GATHER_INFO
2010-11-01Name : The remote Fedora host is missing a security update.
File : fedora_2010-16641.nasl - Type : ACT_GATHER_INFO
2010-10-29Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2010-301-01.nasl - Type : ACT_GATHER_INFO
2010-10-29Name : The remote Fedora host is missing a security update.
File : fedora_2010-16655.nasl - Type : ACT_GATHER_INFO
2010-10-29Name : The remote Fedora host is missing a security update.
File : fedora_2010-16851.nasl - Type : ACT_GATHER_INFO
2010-10-28Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_glibc-7201.nasl - Type : ACT_GATHER_INFO
2010-10-28Name : The remote SuSE system is missing a security patch for glibc
File : suse_11_1_glibc-101026.nasl - Type : ACT_GATHER_INFO
2010-10-28Name : The remote SuSE system is missing a security patch for glibc
File : suse_11_2_glibc-101027.nasl - Type : ACT_GATHER_INFO
2010-10-26Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0793.nasl - Type : ACT_GATHER_INFO
2010-10-25Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2010-212.nasl - Type : ACT_GATHER_INFO
2010-10-24Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1009-1.nasl - Type : ACT_GATHER_INFO
2010-10-24Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2122.nasl - Type : ACT_GATHER_INFO

Internal Sources (Detail)

SourceUrl
BIDhttp://www.securityfocus.com/bid/44347
BUGTRAQhttp://www.securityfocus.com/archive/1/archive/1/515545/100/0/threaded
CONFIRMhttp://support.avaya.com/css/P8/documents/100121017
http://www.vmware.com/security/advisories/VMSA-2011-0001.html
https://bugzilla.redhat.com/show_bug.cgi?id=645672
DEBIANhttp://www.debian.org/security/2010/dsa-2122
FULLDISChttp://seclists.org/fulldisclosure/2010/Oct/344
GENTOOhttp://security.gentoo.org/glsa/glsa-201011-01.xml
MANDRIVAhttp://www.mandriva.com/security/advisories?name=MDVSA-2010:212
MLISThttp://sourceware.org/ml/libc-hacker/2010-10/msg00010.html
REDHAThttp://www.redhat.com/support/errata/RHSA-2010-0872.html
https://rhn.redhat.com/errata/RHSA-2010-0793.html
SECUNIAhttp://secunia.com/advisories/42787
UBUNTUhttp://www.ubuntu.com/usn/USN-1009-1
VUPENhttp://www.vupen.com/english/advisories/2011/0025

Alert History

If you want to see full details history, please login or register.
0
1
DateInformations
2014-02-17 10:58:08
  • Multiple Updates
2013-05-10 23:35:03
  • Multiple Updates