Executive Summary

Summary
Title: GNU C library: Multiple vulnerabilities
Information
Name: GLSA-201011-01
First vendor Publication: 2010-11-15
Vendor: Gentoo
Last vendor Modification: 2010-11-15
Severity (Vendor): High
Revision: N/A

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score: 7.2
Attack Range: Local
Cvss Impact Score: 10
Attack Complexity: Low
Cvss Exploit Score: 3.9
Authentication: None Required

Detail

Synopsis

Multiple vulnerabilities were found in glibc, the worst of which allows local attackers to execute arbitrary code as root.

Background

The GNU C library is the standard C library used by Gentoo Linux systems.

Description

Multiple vulnerabilities were found in glibc, among them the widely known recent LD_AUDIT and $ORIGIN issues. For further information, please consult the CVE entries referenced below.

Impact

A local attacker could execute arbitrary code as root, cause a Denial of Service, or gain privileges. Additionally, a user-assisted remote attacker could cause the execution of arbitrary code, and a context-dependent attacker could cause a Denial of Service.

Workaround

There is no known workaround at this time.

Resolution

All GNU C library users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=sys-libs/glibc-2.11.2-r3"

References

[ 1 ] CVE-2009-4880 : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4880
[ 2 ] CVE-2009-4881 : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4881
[ 3 ] CVE-2010-0296 : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0296
[ 4 ] CVE-2010-0830 : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0830
[ 5 ] CVE-2010-3847 : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3847
[ 6 ] CVE-2010-3856 : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3856

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201011-01.xml

Original Source

Url : http://security.gentoo.org/glsa/glsa-201011-01.xml

CWE : Common Weakness Enumeration

id        Name
CWE-189   Numeric Errors
CWE-264   Permissions, Privileges, and Access Controls
CWE-59    Improper Link Resolution Before File Access ('Link Following')
CWE-20    Improper Input Validation

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:12272
 
Oval ID: oval:org.mitre.oval:def:12272
Title: VMSA-2011-0010 VMware ESX third party updates for Service Console packages glibc and dhcp
Description: locale/programs/locale.c in locale in the GNU C Library (aka glibc or libc6) before 2.13 does not quote its output, which might allow local users to gain privileges via a crafted localization environment variable, in conjunction with a program that executes a script that uses the eval function.
Family: unix
Class: vulnerability
Reference(s): CVE-2011-1095
Version: 4
Platform(s): VMWare ESX Server 4.0
VMWare ESX Server 4.1
Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

Type          Description   Count
Application                 57

ExploitDB Exploits

id           Description
2011-11-10   glibc LD_AUDIT arbitrary DSO load Privilege Escalation
2010-10-22   GNU C library dynamic linker LD_AUDIT arbitrary DSO load Vulnerability
2010-10-18   GNU C library dynamic linker $ORIGIN expansion Vulnerability

Open Source Vulnerability Database (OSVDB)

id      Description
73407   GNU C Library locale/programs/locale.c Output Quoting Localization Environmen...
68920   GNU C Library Dynamic Linker LD_AUDIT non-setuid Library Loading Issue
68721   GNU C Library Dynamic Linker $ORIGIN Substitution Expansion Weakness Local Pr...
65080   GNU C Library strfmon Implementation Crafted Format String Overflow DoS
65079   GNU C Library stdlib/strfmon_l.c __vstrfmon_l Function Format String Overflow...
65078   GNU C Library misc/mntent_r.c encode_name Macro Crafted Mount Request Local DoS
65077   GNU C Library ld.so elf/dynamic-link.h elf_get_dynamic_info Crafted ELF Progr...