oval:org.mitre.oval:def:28049

Definition Id: oval:org.mitre.oval:def:28049
 
Oval ID: oval:org.mitre.oval:def:28049
Title: ELSA-2011-1526 -- glibc security, bug fix, and enhancement update (low)
Description: A flaw was found in the way the ldd utility identified dynamically linked libraries. If an attacker could trick a user into running ldd on a malicious binary, it could result in arbitrary code execution with the privileges of the user running ldd. (CVE-2009-5064) It was found that the glibc addmntent() function, used by various mount helper utilities, did not handle certain errors correctly when updating the mtab (mounted file systems table) file. If such utilities had the setuid bit set, a local attacker could use this flaw to corrupt the mtab file. (CVE-2011-1089)
Family: unix Class: patch
Reference(s): ELSA-2011-1526
CVE-2009-5064
CVE-2011-1089
Version: 3
Platform(s): Oracle Linux 6
Product(s): glibc
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16594
 
Oval ID: oval:org.mitre.oval:def:16594
Title: Oracle Linux 6.x
Description: The operating system installed on the system is Oracle Linux 6.x
Family: unix Class: inventory
Reference(s): cpe:/o:oracle:linux:6
Version: 5
Platform(s): Oracle Linux 6
Product(s):
Definition Synopsis:
Referenced By:
oval:org.mitre.oval:def:28049