Executive Summary
Summary | |
---|---|
Title | glibc security update |
Informations | |||
---|---|---|---|
Name | RHSA-2005:261 | First vendor Publication | 2005-04-28 |
Vendor | RedHat | Last vendor Modification | 2005-04-28 |
Severity (Vendor) | Low | Revision | 01 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:L/AC:L/Au:N/C:N/I:P/A:N) | |||
---|---|---|---|
Cvss Base Score | 2.1 | Attack Range | Local |
Cvss Impact Score | 2.9 | Attack Complexity | Low |
Cvss Expoit Score | 3.9 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Problem Description: Updated glibc packages that address several bugs are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64 Red Hat Linux Advanced Workstation 2.1 - ia64 Red Hat Enterprise Linux ES version 2.1 - i386 Red Hat Enterprise Linux WS version 2.1 - i386 3. Problem description: The GNU libc packages (known as glibc) contain the standard C libraries used by applications. Flaws in the catchsegv and glibcbug scripts were discovered. A local user could utilize these flaws to overwrite files via a symlink attack on temporary files. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0968 and CAN-2004-1382 to these issues. It was discovered that the use of LD_DEBUG and LD_SHOW_AUXV were not restricted for a setuid program. A local user could utilize this flaw to gain information, such as the list of symbols used by the program. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-1453 to this issue. This erratum also addresses the following bugs in the GNU C Library: - - Now avoids calling sigaction (SIGPIPE, ...) in syslog implementation - - Fixed poll on Itanium - - Now allows setenv/putenv in shared library constructors Users of glibc are advised to upgrade to these erratum packages that remove the unecessary glibcbug script and contain backported patches to correct these other issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command: up2date For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: http://www.redhat.com/docs/manuals/enterprise/ 5. Bug IDs fixed (http://bugzilla.redhat.com/): 140068 - [RHAS2.1] CAN-2004-0968 temporary file vulnerabilities in catchsegv script 140487 - [RHAS2.1] Bad declaration of __syscall_poll can cause bogus values for timeout to be passed to the kernel 148814 - CAN-2004-1453 Information leak with LD_DEBUG 148800 - CAN-2004-1382 insecure temporary file usage |
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2005-261.html |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10762 | |||
Oval ID: | oval:org.mitre.oval:def:10762 | ||
Title: | GNU glibc 2.3.4 before 2.3.4.20040619, 2.3.3 before 2.3.3.20040420, and 2.3.2 before 2.3.2-r10 does not restrict the use of LD_DEBUG for a setuid program, which allows local users to gain sensitive information, such as the list of symbols used by the program. | ||
Description: | GNU glibc 2.3.4 before 2.3.4.20040619, 2.3.3 before 2.3.3.20040420, and 2.3.2 before 2.3.2-r10 does not restrict the use of LD_DEBUG for a setuid program, which allows local users to gain sensitive information, such as the list of symbols used by the program. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2004-1453 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9523 | |||
Oval ID: | oval:org.mitre.oval:def:9523 | ||
Title: | The catchsegv script in glibc 2.3.2 and earlier allows local users to overwrite files via a symlink attack on temporary files. | ||
Description: | The catchsegv script in glibc 2.3.2 and earlier allows local users to overwrite files via a symlink attack on temporary files. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2004-0968 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2008-09-24 | Name : Gentoo Security Advisory GLSA 200408-16 (glibc) File : nvt/glsa_200408_16.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200410-19 (glibc) File : nvt/glsa_200410_19.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 636-1 (glibc) File : nvt/deb_636_1.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
13933 | GNU libc (glibc) Symlink Arbitrary File Overwrite |
11040 | GNU libc (glibc) catchsegv Script Symlink Arbitrary File Overwrite |
9010 | GNU libc (glibc) SUID Binary Debugging Information Disclosure glibc contains a flaw that may lead to an unauthorized information disclosure. LD_DEBUG is allowed on setuid binaries which as a result may allow a local attacker to debug a setuid binary and gain sensitive information about the system, resulting in a loss of confidentiality. |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2006-07-03 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2005-256.nasl - Type : ACT_GATHER_INFO |
2006-01-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-4-1.nasl - Type : ACT_GATHER_INFO |
2005-05-19 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2005-256.nasl - Type : ACT_GATHER_INFO |
2005-04-29 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2005-261.nasl - Type : ACT_GATHER_INFO |
2005-01-13 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-636.nasl - Type : ACT_GATHER_INFO |
2005-01-02 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2004-159.nasl - Type : ACT_GATHER_INFO |
2004-12-21 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2004-586.nasl - Type : ACT_GATHER_INFO |
2004-10-21 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200410-19.nasl - Type : ACT_GATHER_INFO |
2004-08-30 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200408-16.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2016-12-08 09:25:44 |
|
2016-10-18 12:06:57 |
|
2016-08-26 01:03:55 |
|
2014-02-17 11:49:08 |
|