Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Summary
Title VMware ESX third party updates for Service Console packages glibc and dhcp
Informations
Name VMSA-2011-0010 First vendor Publication 2011-07-28
Vendor VMware Last vendor Modification 2012-03-08
Severity (Vendor) N/A Revision 3

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Cvss Base Score 7.5 Attack Range Network
Cvss Impact Score 6.4 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

a. Service Console update for DHCP

The DHCP client daemon, dhclient, does not properly sanatize certain options in DHCP server replies. An attacker could send a specially crafted DHCP server reply, that is saved on the client system and evaluated by a process that assumes the option is trusted. This could lead to arbitrary code execution with the privileges of the evaluating process.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2011-0997 to this issue.

b. Service Console update for glibc

This patch updates the glibc package for ESX service console to glibc-2.5-58.7602.vmw. This fixes multiple security issues in glibc, glibc-common and nscd including possible local privilege escalation.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifiers CVE-2010-0296, CVE-2011-0536, CVE-2011-1095, CVE-2011-1071, CVE-2011-1658 and CVE-2011-1659 to these issues.

Original Source

Url : http://www.vmware.com/security/advisories/VMSA-2011-0010.html

CWE : Common Weakness Enumeration

% Id Name
33 % CWE-264 Permissions, Privileges, and Access Controls
33 % CWE-20 Improper Input Validation
17 % CWE-399 Resource Management Errors
17 % CWE-189 Numeric Errors (CWE/SANS Top 25)

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:12032
 
Oval ID: oval:org.mitre.oval:def:12032
Title: DSA-2216-1 isc-dhcp -- missing input sanitisation
Description: Sebastian Krahmer and Marius Tomaschewski discovered that dhclient of isc-dhcp, a DHCP client, is not properly filtering shell meta-characters in certain options in DHCP server responses. These options are reused in an insecure fashion by dhclient scripts. This allows an attacker to execute arbitrary commands with the privileges of such a process by sending crafted DHCP options to a client using a rogue server.
Family: unix Class: patch
Reference(s): DSA-2216-1
CVE-2011-0997
Version: 5
Platform(s): Debian GNU/Linux 6.0
Debian GNU/kFreeBSD 6.0
Product(s): isc-dhcp
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:12272
 
Oval ID: oval:org.mitre.oval:def:12272
Title: VMSA-2011-0010 VMware ESX third party updates for Service Console packages glibc and dhcp
Description: locale/programs/locale.c in locale in the GNU C Library (aka glibc or libc6) before 2.13 does not quote its output, which might allow local users to gain privileges via a crafted localization environment variable, in conjunction with a program that executes a script that uses the eval function.
Family: unix Class: vulnerability
Reference(s): CVE-2011-1095
Version: 4
Platform(s): VMWare ESX Server 4.0
VMWare ESX Server 4.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:12297
 
Oval ID: oval:org.mitre.oval:def:12297
Title: DSA-2217-1 dhcp3 -- missing input sanitisation
Description: Sebastian Krahmer and Marius Tomaschewski discovered that dhclient of dhcp3, a DHCP client, is not properly filtering shell meta-characters in certain options in DHCP server responses. These options are reused in an insecure fashion by dhclient scripts. This allows an attacker to execute arbitrary commands with the privileges of such a process by sending crafted DHCP options to a client using a rogue server.
Family: unix Class: patch
Reference(s): DSA-2217-1
CVE-2011-0997
Version: 5
Platform(s): Debian GNU/Linux 5.0
Product(s): dhcp3
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:12812
 
Oval ID: oval:org.mitre.oval:def:12812
Title: VMSA-2011-0010 VMware ESX third party updates for Service Console packages glibc and dhcp
Description: dhclient in ISC DHCP 3.0.x through 4.2.x before 4.2.1-P1, 3.1-ESV before 3.1-ESV-R1, and 4.1-ESV before 4.1-ESV-R2 allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message, as demonstrated by a hostname that is provided to dhclient-script.
Family: unix Class: vulnerability
Reference(s): CVE-2011-0997
Version: 4
Platform(s): VMWare ESX Server 4.0
VMWare ESX Server 4.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:12853
 
Oval ID: oval:org.mitre.oval:def:12853
Title: VMSA-2011-0010 VMware ESX third party updates for Service Console packages glibc and dhcp
Description: The GNU C Library (aka glibc or libc6) before 2.12.2 and Embedded GLIBC (EGLIBC) allow context-dependent attackers to execute arbitrary code or cause a denial of service (memory consumption) via a long UTF8 string that is used in an fnmatch call, aka a "stack extension attack," a related issue to CVE-2010-2898, CVE-2010-1917, and CVE-2007-4782, as originally reported for use of this library by Google Chrome.
Family: unix Class: vulnerability
Reference(s): CVE-2011-1071
Version: 4
Platform(s): VMWare ESX Server 4.0
VMWare ESX Server 4.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13086
 
Oval ID: oval:org.mitre.oval:def:13086
Title: VMSA-2011-0010 VMware ESX third party updates for Service Console packages glibc and dhcp
Description: Multiple untrusted search path vulnerabilities in elf/dl-object.c in certain modified versions of the GNU C Library (aka glibc or libc6), including glibc-2.5-49.el5_5.6 and glibc-2.12-1.7.el6_0.3 in Red Hat Enterprise Linux, allow local users to gain privileges via a crafted dynamic shared object (DSO) in a subdirectory of the current working directory during execution of a (1) setuid or (2) setgid program that has $ORIGIN in (a) RPATH or (b) RUNPATH within the program itself or a referenced library. NOTE: this issue exists because of an incorrect fix for CVE-2010-3847.
Family: unix Class: vulnerability
Reference(s): CVE-2011-0536
Version: 4
Platform(s): VMWare ESX Server 4.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13818
 
Oval ID: oval:org.mitre.oval:def:13818
Title: USN-1108-1 -- dhcp3 vulnerability
Description: Sebastian Krahmer discovered that the dhclient utility incorrectly filtered crafted responses. An attacker could use this flaw with a malicious DHCP server to execute arbitrary code, resulting in root privilege escalation.
Family: unix Class: patch
Reference(s): USN-1108-1
CVE-2011-0997
Version: 5
Platform(s): Ubuntu 8.04
Ubuntu 10.10
Ubuntu 10.04
Ubuntu 9.10
Ubuntu 6.06
Product(s): dhcp3
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13937
 
Oval ID: oval:org.mitre.oval:def:13937
Title: USN-1108-2 -- dhcp3 vulnerability
Description: dhcp3: DHCP Client Details: USN-1108-1 fixed vulnerabilities in DHCP. Due to an error, the patch to fix the vulnerability was not properly applied on Ubuntu 9.10 and higher. This update fixes the problem. Original advisory An attacker�s DHCP server could send crafted responses to your computer and cause it to run programs as root.
Family: unix Class: patch
Reference(s): USN-1108-2
CVE-2011-0997
Version: 5
Platform(s): Ubuntu 10.10
Ubuntu 9.10
Ubuntu 10.04
Product(s): dhcp3
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19613
 
Oval ID: oval:org.mitre.oval:def:19613
Title: VMware ESX third party updates for Service Console packages glibc and dhcp
Description: Multiple untrusted search path vulnerabilities in elf/dl-object.c in certain modified versions of the GNU C Library (aka glibc or libc6), including glibc-2.5-49.el5_5.6 and glibc-2.12-1.7.el6_0.3 in Red Hat Enterprise Linux, allow local users to gain privileges via a crafted dynamic shared object (DSO) in a subdirectory of the current working directory during execution of a (1) setuid or (2) setgid program that has $ORIGIN in (a) RPATH or (b) RUNPATH within the program itself or a referenced library. NOTE: this issue exists because of an incorrect fix for CVE-2010-3847.
Family: unix Class: vulnerability
Reference(s): CVE-2011-0536
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19654
 
Oval ID: oval:org.mitre.oval:def:19654
Title: VMware ESX third party updates for Service Console packages glibc and dhcp
Description: Multiple untrusted search path vulnerabilities in elf/dl-object.c in certain modified versions of the GNU C Library (aka glibc or libc6), including glibc-2.5-49.el5_5.6 and glibc-2.12-1.7.el6_0.3 in Red Hat Enterprise Linux, allow local users to gain privileges via a crafted dynamic shared object (DSO) in a subdirectory of the current working directory during execution of a (1) setuid or (2) setgid program that has $ORIGIN in (a) RPATH or (b) RUNPATH within the program itself or a referenced library. NOTE: this issue exists because of an incorrect fix for CVE-2010-3847.
Family: unix Class: vulnerability
Reference(s): CVE-2011-0536
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19899
 
Oval ID: oval:org.mitre.oval:def:19899
Title: VMware ESX third party updates for Service Console packages glibc and dhcp
Description: Integer overflow in posix/fnmatch.c in the GNU C Library (aka glibc or libc6) 2.13 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a long UTF8 string that is used in an fnmatch call with a crafted pattern argument, a different vulnerability than CVE-2011-1071.
Family: unix Class: vulnerability
Reference(s): CVE-2011-1659
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20099
 
Oval ID: oval:org.mitre.oval:def:20099
Title: VMware ESX third party updates for Service Console packages glibc and dhcp
Description: locale/programs/locale.c in locale in the GNU C Library (aka glibc or libc6) before 2.13 does not quote its output, which might allow local users to gain privileges via a crafted localization environment variable, in conjunction with a program that executes a script that uses the eval function.
Family: unix Class: vulnerability
Reference(s): CVE-2011-1095
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20361
 
Oval ID: oval:org.mitre.oval:def:20361
Title: VMware ESX third party updates for Service Console packages glibc and dhcp
Description: The GNU C Library (aka glibc or libc6) before 2.12.2 and Embedded GLIBC (EGLIBC) allow context-dependent attackers to execute arbitrary code or cause a denial of service (memory consumption) via a long UTF8 string that is used in an fnmatch call, aka a "stack extension attack," a related issue to CVE-2010-2898, CVE-2010-1917, and CVE-2007-4782, as originally reported for use of this library by Google Chrome.
Family: unix Class: vulnerability
Reference(s): CVE-2011-1071
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20393
 
Oval ID: oval:org.mitre.oval:def:20393
Title: VMware ESX third party updates for Service Console packages glibc and dhcp
Description: The encode_name macro in misc/mntent_r.c in the GNU C Library (aka glibc or libc6) 2.11.1 and earlier, as used by ncpmount and mount.cifs, does not properly handle newline characters in mountpoint names, which allows local users to cause a denial of service (mtab corruption), or possibly modify mount options and gain privileges, via a crafted mount request.
Family: unix Class: vulnerability
Reference(s): CVE-2010-0296
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20394
 
Oval ID: oval:org.mitre.oval:def:20394
Title: VMware ESX third party updates for Service Console packages glibc and dhcp
Description: dhclient in ISC DHCP 3.0.x through 4.2.x before 4.2.1-P1, 3.1-ESV before 3.1-ESV-R1, and 4.1-ESV before 4.1-ESV-R2 allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message, as demonstrated by a hostname that is provided to dhclient-script.
Family: unix Class: vulnerability
Reference(s): CVE-2011-0997
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
VMWare ESX Server 3.5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20402
 
Oval ID: oval:org.mitre.oval:def:20402
Title: VMware ESX third party updates for Service Console packages glibc and dhcp
Description: ld.so in the GNU C Library (aka glibc or libc6) 2.13 and earlier expands the $ORIGIN dynamic string token when RPATH is composed entirely of this token, which might allow local users to gain privileges by creating a hard link in an arbitrary directory to a (1) setuid or (2) setgid program with this RPATH value, and then executing the program with a crafted value for the LD_PRELOAD environment variable, a different vulnerability than CVE-2010-3847 and CVE-2011-0536. NOTE: it is not expected that any standard operating-system distribution would ship an applicable setuid or setgid program.
Family: unix Class: vulnerability
Reference(s): CVE-2011-1658
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20420
 
Oval ID: oval:org.mitre.oval:def:20420
Title: VMware ESX third party updates for Service Console packages glibc and dhcp
Description: The GNU C Library (aka glibc or libc6) before 2.12.2 and Embedded GLIBC (EGLIBC) allow context-dependent attackers to execute arbitrary code or cause a denial of service (memory consumption) via a long UTF8 string that is used in an fnmatch call, aka a "stack extension attack," a related issue to CVE-2010-2898, CVE-2010-1917, and CVE-2007-4782, as originally reported for use of this library by Google Chrome.
Family: unix Class: vulnerability
Reference(s): CVE-2011-1071
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20430
 
Oval ID: oval:org.mitre.oval:def:20430
Title: VMware ESX third party updates for Service Console packages glibc and dhcp
Description: Integer overflow in posix/fnmatch.c in the GNU C Library (aka glibc or libc6) 2.13 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a long UTF8 string that is used in an fnmatch call with a crafted pattern argument, a different vulnerability than CVE-2011-1071.
Family: unix Class: vulnerability
Reference(s): CVE-2011-1659
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20514
 
Oval ID: oval:org.mitre.oval:def:20514
Title: VMware ESX third party updates for Service Console packages glibc and dhcp
Description: ld.so in the GNU C Library (aka glibc or libc6) 2.13 and earlier expands the $ORIGIN dynamic string token when RPATH is composed entirely of this token, which might allow local users to gain privileges by creating a hard link in an arbitrary directory to a (1) setuid or (2) setgid program with this RPATH value, and then executing the program with a crafted value for the LD_PRELOAD environment variable, a different vulnerability than CVE-2010-3847 and CVE-2011-0536. NOTE: it is not expected that any standard operating-system distribution would ship an applicable setuid or setgid program.
Family: unix Class: vulnerability
Reference(s): CVE-2011-1658
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20586
 
Oval ID: oval:org.mitre.oval:def:20586
Title: VMware ESX third party updates for Service Console packages glibc and dhcp
Description: The encode_name macro in misc/mntent_r.c in the GNU C Library (aka glibc or libc6) 2.11.1 and earlier, as used by ncpmount and mount.cifs, does not properly handle newline characters in mountpoint names, which allows local users to cause a denial of service (mtab corruption), or possibly modify mount options and gain privileges, via a crafted mount request.
Family: unix Class: vulnerability
Reference(s): CVE-2010-0296
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20638
 
Oval ID: oval:org.mitre.oval:def:20638
Title: VMware ESX third party updates for Service Console packages glibc and dhcp
Description: locale/programs/locale.c in locale in the GNU C Library (aka glibc or libc6) before 2.13 does not quote its output, which might allow local users to gain privileges via a crafted localization environment variable, in conjunction with a program that executes a script that uses the eval function.
Family: unix Class: vulnerability
Reference(s): CVE-2011-1095
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21331
 
Oval ID: oval:org.mitre.oval:def:21331
Title: RHSA-2011:0413: glibc security update (Important)
Description: Integer overflow in posix/fnmatch.c in the GNU C Library (aka glibc or libc6) 2.13 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a long UTF8 string that is used in an fnmatch call with a crafted pattern argument, a different vulnerability than CVE-2011-1071.
Family: unix Class: patch
Reference(s): RHSA-2011:0413-01
CVE-2011-0536
CVE-2011-1071
CVE-2011-1095
CVE-2011-1658
CVE-2011-1659
Version: 68
Platform(s): Red Hat Enterprise Linux 6
Product(s): glibc
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21712
 
Oval ID: oval:org.mitre.oval:def:21712
Title: RHSA-2011:0428: dhcp security update (Important)
Description: dhclient in ISC DHCP 3.0.x through 4.2.x before 4.2.1-P1, 3.1-ESV before 3.1-ESV-R1, and 4.1-ESV before 4.1-ESV-R2 allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message, as demonstrated by a hostname that is provided to dhclient-script.
Family: unix Class: patch
Reference(s): RHSA-2011:0428-01
CVE-2011-0997
CESA-2011:0428-CentOS 5
Version: 6
Platform(s): Red Hat Enterprise Linux 6
Red Hat Enterprise Linux 5
CentOS Linux 5
Product(s): dhcp
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21873
 
Oval ID: oval:org.mitre.oval:def:21873
Title: RHSA-2011:0412: glibc security update (Important)
Description: Integer overflow in posix/fnmatch.c in the GNU C Library (aka glibc or libc6) 2.13 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a long UTF8 string that is used in an fnmatch call with a crafted pattern argument, a different vulnerability than CVE-2011-1071.
Family: unix Class: patch
Reference(s): RHSA-2011:0412-01
CESA-2011:0412
CVE-2010-0296
CVE-2011-0536
CVE-2011-1071
CVE-2011-1095
CVE-2011-1658
CVE-2011-1659
Version: 81
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Product(s): glibc
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23052
 
Oval ID: oval:org.mitre.oval:def:23052
Title: ELSA-2011:0412: glibc security update (Important)
Description: Integer overflow in posix/fnmatch.c in the GNU C Library (aka glibc or libc6) 2.13 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a long UTF8 string that is used in an fnmatch call with a crafted pattern argument, a different vulnerability than CVE-2011-1071.
Family: unix Class: patch
Reference(s): ELSA-2011:0412-01
CVE-2010-0296
CVE-2011-0536
CVE-2011-1071
CVE-2011-1095
CVE-2011-1658
CVE-2011-1659
Version: 29
Platform(s): Oracle Linux 5
Product(s): glibc
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23373
 
Oval ID: oval:org.mitre.oval:def:23373
Title: ELSA-2011:0413: glibc security update (Important)
Description: Integer overflow in posix/fnmatch.c in the GNU C Library (aka glibc or libc6) 2.13 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a long UTF8 string that is used in an fnmatch call with a crafted pattern argument, a different vulnerability than CVE-2011-1071.
Family: unix Class: patch
Reference(s): ELSA-2011:0413-01
CVE-2011-0536
CVE-2011-1071
CVE-2011-1095
CVE-2011-1658
CVE-2011-1659
Version: 25
Platform(s): Oracle Linux 6
Product(s): glibc
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23459
 
Oval ID: oval:org.mitre.oval:def:23459
Title: ELSA-2011:0428: dhcp security update (Important)
Description: dhclient in ISC DHCP 3.0.x through 4.2.x before 4.2.1-P1, 3.1-ESV before 3.1-ESV-R1, and 4.1-ESV before 4.1-ESV-R2 allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message, as demonstrated by a hostname that is provided to dhclient-script.
Family: unix Class: patch
Reference(s): ELSA-2011:0428-01
CVE-2011-0997
Version: 6
Platform(s): Oracle Linux 6
Product(s): dhcp
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27432
 
Oval ID: oval:org.mitre.oval:def:27432
Title: DEPRECATED: ELSA-2011-0413 -- glibc security update (important)
Description: [2.12-1.7.el6_0.5] - Avoid too much stack use in fnmatch (#681054, CVE-2011-1071) - Properly quote output of locale (#625893, CVE-2011-1095) - Don't leave empty element in rpath when skipping the first element, ignore rpath elements containing non-isolated use of when privileged (#667974, CVE-2011-0536)
Family: unix Class: patch
Reference(s): ELSA-2011-0413
CVE-2011-0536
CVE-2011-1071
CVE-2011-1095
CVE-2011-1658
CVE-2011-1659
Version: 4
Platform(s): Oracle Linux 6
Product(s): glibc
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27918
 
Oval ID: oval:org.mitre.oval:def:27918
Title: DEPRECATED: ELSA-2011-0412 -- glibc security update (important)
Description: [2.5-58.el5_6.2] - Avoid too much stack use in fnmatch (#681054, CVE-2011-1071) - Properly quote output of locale (#625893, CVE-2011-1095) - Don't leave empty element in rpath when skipping the first element, ignore rpath elements containing non-isolated use of when privileged (#667974, CVE-2011-0536) - Fix handling of newline in addmntent (#559579, CVE-2010-0296) [2.5-58.el5_6.1] - Don't ignore in libraries (#682991)
Family: unix Class: patch
Reference(s): ELSA-2011-0412
CVE-2010-0296
CVE-2011-0536
CVE-2011-1071
CVE-2011-1095
CVE-2011-1658
CVE-2011-1659
Version: 4
Platform(s): Oracle Linux 5
Product(s): glibc
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 1
Application 104
Application 59
Os 5
Os 3
Os 1

OpenVAS Exploits

Date Description
2012-07-30 Name : CentOS Update for glibc CESA-2011:0412 centos5 x86_64
File : nvt/gb_CESA-2011_0412_glibc_centos5_x86_64.nasl
2012-07-30 Name : CentOS Update for dhclient CESA-2011:0428 centos4 x86_64
File : nvt/gb_CESA-2011_0428_dhclient_centos4_x86_64.nasl
2012-07-30 Name : CentOS Update for dhclient CESA-2011:0428 centos5 x86_64
File : nvt/gb_CESA-2011_0428_dhclient_centos5_x86_64.nasl
2012-07-30 Name : CentOS Update for glibc CESA-2012:0125 centos4
File : nvt/gb_CESA-2012_0125_glibc_centos4.nasl
2012-06-06 Name : RedHat Update for glibc RHSA-2011:0413-01
File : nvt/gb_RHSA-2011_0413-01_glibc.nasl
2012-03-16 Name : VMSA-2011-0012.3 VMware ESXi and ESX updates to third party libraries and ESX...
File : nvt/gb_VMSA-2011-0012.nasl
2012-03-12 Name : Ubuntu Update for eglibc USN-1396-1
File : nvt/gb_ubuntu_USN_1396_1.nasl
2012-02-21 Name : RedHat Update for glibc RHSA-2012:0125-01
File : nvt/gb_RHSA-2012_0125-01_glibc.nasl
2011-11-28 Name : Mandriva Update for glibc MDVSA-2011:178 (glibc)
File : nvt/gb_mandriva_MDVSA_2011_178.nasl
2011-09-12 Name : Fedora Update for dhcp FEDORA-2011-10705
File : nvt/gb_fedora_2011_10705_dhcp_fc14.nasl
2011-08-09 Name : CentOS Update for glibc CESA-2011:0412 centos5 i386
File : nvt/gb_CESA-2011_0412_glibc_centos5_i386.nasl
2011-08-09 Name : CentOS Update for dhclient CESA-2011:0428 centos5 i386
File : nvt/gb_CESA-2011_0428_dhclient_centos5_i386.nasl
2011-05-12 Name : Debian Security Advisory DSA 2216-1 (isc-dhcp)
File : nvt/deb_2216_1.nasl
2011-05-12 Name : FreeBSD Ports: isc-dhcp31-client
File : nvt/freebsd_isc-dhcp31-client0.nasl
2011-05-12 Name : Debian Security Advisory DSA 2217-1 (dhcp3)
File : nvt/deb_2217_1.nasl
2011-05-10 Name : Ubuntu Update for dhcp3 USN-1108-2
File : nvt/gb_ubuntu_USN_1108_2.nasl
2011-04-21 Name : Fedora Update for dhcp FEDORA-2011-0848
File : nvt/gb_fedora_2011_0848_dhcp_fc13.nasl
2011-04-19 Name : Fedora Update for dhcp FEDORA-2011-4897
File : nvt/gb_fedora_2011_4897_dhcp_fc14.nasl
2011-04-19 Name : Ubuntu Update for dhcp3 vulnerability USN-1108-1
File : nvt/gb_ubuntu_USN_1108_1.nasl
2011-04-19 Name : Mandriva Update for dhcp MDVSA-2011:073 (dhcp)
File : nvt/gb_mandriva_MDVSA_2011_073.nasl
2011-04-11 Name : RedHat Update for dhcp RHSA-2011:0428-01
File : nvt/gb_RHSA-2011_0428-01_dhcp.nasl
2011-04-11 Name : CentOS Update for dhclient CESA-2011:0428 centos4 i386
File : nvt/gb_CESA-2011_0428_dhclient_centos4_i386.nasl
2011-04-06 Name : RedHat Update for glibc RHSA-2011:0412-01
File : nvt/gb_RHSA-2011_0412-01_glibc.nasl
2011-03-09 Name : Gentoo Security Advisory GLSA 201011-01 (glibc)
File : nvt/glsa_201011_01.nasl
2010-11-16 Name : SuSE Update for glibc SUSE-SA:2010:052
File : nvt/gb_suse_2010_052.nasl
2010-06-11 Name : Mandriva Update for glibc MDVSA-2010:112 (glibc)
File : nvt/gb_mandriva_MDVSA_2010_112.nasl
2010-06-11 Name : Mandriva Update for glibc MDVSA-2010:111 (glibc)
File : nvt/gb_mandriva_MDVSA_2010_111.nasl
2010-06-10 Name : Debian Security Advisory DSA 2058-1 (glibc, eglibc)
File : nvt/deb_2058_1.nasl
2010-05-28 Name : Ubuntu Update for glibc, eglibc vulnerabilities USN-944-1
File : nvt/gb_ubuntu_USN_944_1.nasl
2010-04-06 Name : Mandriva Update for kdebase4-workspace MDVA-2010:112 (kdebase4-workspace)
File : nvt/gb_mandriva_MDVA_2010_112.nasl
2010-04-06 Name : Mandriva Update for initscripts MDVA-2010:111 (initscripts)
File : nvt/gb_mandriva_MDVA_2010_111.nasl
0000-00-00 Name : Slackware Advisory SSA:2011-097-01 dhcp
File : nvt/esoft_slk_ssa_2011_097_01.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
75261 GNU C Library ld.so $ORIGIN Dynamic String Token RPATH Local Privilege Escala...

73407 GNU C Library locale/programs/locale.c Output Quoting Localization Environmen...

72796 GNU C Library fnmatch() Function UTF8 String Handling Stack Corruption

A memory corruption flaw exists in glibc. fnmatch() fails to sanitize user-supplied UTF8 strings resulting in memory corruption, allowing a context-dependent attacker to execute arbitrary code.
72100 GNU C Library posix/fnmatch.c fnmatch() Function Overflow DoS

71493 ISC DHCP dhclient Response Handling Metacharacter Shell Command Execution

ISC DHCP contains a flaw related to the dhclient-script script failing to properly strip shell meta-characters when processing responses from DHCP servers. This may allow a remote attacker to use a crafted hostname response to execute arbitrary shell commands.
68721 GNU C Library Dynamic Linker $ORIGIN Substitution Expansion Weakness Local Pr...

The weakness is caused due to dynamic linker expanding the "$ORIGIN" substitution for privileged applications, which can be exploited to gain escalated privileges by e.g. hard linking to a setuid application and forcing the expansion of "$ORIGIN" via "LD_AUDIT".
65078 GNU C Library misc/mntent_r.c encode_name Macro Crafted Mount Request Local DoS

Information Assurance Vulnerability Management (IAVM)

Date Description
2011-10-27 IAVM : 2011-A-0147 - Multiple Vulnerabilities in VMware ESX and ESXi
Severity : Category I - VMSKEY : V0030545
2011-08-04 IAVM : 2011-A-0108 - Multiple Vulnerabilities in VMware ESX Service Console
Severity : Category I - VMSKEY : V0029562

Snort® IPS/IDS

Date Description
2019-08-31 ISC DHCP command injection attempt
RuleID : 50831 - Revision : 1 - Type : SERVER-OTHER
2019-08-31 ISC DHCP command injection attempt
RuleID : 50830 - Revision : 1 - Type : SERVER-OTHER

Nessus® Vulnerability Scanner

Date Description
2016-08-19 Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL09408132.nasl - Type : ACT_GATHER_INFO
2016-06-22 Name : The remote OracleVM host is missing a security update.
File : oraclevm_OVMSA-2016-0058.nasl - Type : ACT_GATHER_INFO
2016-03-04 Name : The remote VMware ESX / ESXi host is missing a security-related patch.
File : vmware_VMSA-2011-0012_remote.nasl - Type : ACT_GATHER_INFO
2016-03-04 Name : The remote VMware ESX host is missing a security-related patch.
File : vmware_VMSA-2011-0010_remote.nasl - Type : ACT_GATHER_INFO
2015-02-02 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2015-0023.nasl - Type : ACT_GATHER_INFO
2014-11-28 Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL15885.nasl - Type : ACT_GATHER_INFO
2014-10-10 Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL13219.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_3_dhcpcd-110411.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_3_dhcp-110406.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_4_dhcp-110406.nasl - Type : ACT_GATHER_INFO
2013-12-03 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201312-01.nasl - Type : ACT_GATHER_INFO
2013-11-13 Name : The remote VMware ESXi 5.0 host is affected by multiple security vulnerabilit...
File : vmware_esxi_5_0_build_515841_remote.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2012-0125.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0428.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0413.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0412.nasl - Type : ACT_GATHER_INFO
2013-01-09 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201301-06.nasl - Type : ACT_GATHER_INFO
2012-09-06 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2011-179.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20120213_glibc_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20110408_dhcp_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20110404_glibc_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-03-12 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1396-1.nasl - Type : ACT_GATHER_INFO
2012-02-14 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-0125.nasl - Type : ACT_GATHER_INFO
2012-02-14 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2012-0125.nasl - Type : ACT_GATHER_INFO
2011-12-13 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_dhcp-7451.nasl - Type : ACT_GATHER_INFO
2011-12-13 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_dhcp6-7465.nasl - Type : ACT_GATHER_INFO
2011-12-13 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_glibc-7574.nasl - Type : ACT_GATHER_INFO
2011-12-13 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_dhcp-7430.nasl - Type : ACT_GATHER_INFO
2011-12-13 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_glibc-110517.nasl - Type : ACT_GATHER_INFO
2011-12-13 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_glibc-100709.nasl - Type : ACT_GATHER_INFO
2011-11-28 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2011-178.nasl - Type : ACT_GATHER_INFO
2011-11-16 Name : The remote network device is affected by an arbitrary code execution vulnerab...
File : airport_firmware_7_6.nasl - Type : ACT_GATHER_INFO
2011-10-14 Name : The remote VMware ESXi / ESX host is missing one or more security-related pat...
File : vmware_VMSA-2011-0012.nasl - Type : ACT_GATHER_INFO
2011-09-07 Name : The remote Fedora host is missing a security update.
File : fedora_2011-10705.nasl - Type : ACT_GATHER_INFO
2011-08-01 Name : The remote VMware ESX host is missing one or more security-related patches.
File : vmware_VMSA-2011-0010.nasl - Type : ACT_GATHER_INFO
2011-06-28 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_glibc-7575.nasl - Type : ACT_GATHER_INFO
2011-06-28 Name : The remote SuSE 9 host is missing a security-related patch.
File : suse9_12775.nasl - Type : ACT_GATHER_INFO
2011-06-28 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_glibc-110516.nasl - Type : ACT_GATHER_INFO
2011-06-13 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1108-2.nasl - Type : ACT_GATHER_INFO
2011-05-28 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2011-097-01.nasl - Type : ACT_GATHER_INFO
2011-05-05 Name : The remote openSUSE host is missing a security update.
File : suse_11_2_dhcp-110406.nasl - Type : ACT_GATHER_INFO
2011-05-04 Name : The remote SuSE 9 host is missing a security-related patch.
File : suse9_12697.nasl - Type : ACT_GATHER_INFO
2011-04-20 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_dhcp6-7464.nasl - Type : ACT_GATHER_INFO
2011-04-19 Name : The remote Fedora host is missing a security update.
File : fedora_2011-0848.nasl - Type : ACT_GATHER_INFO
2011-04-18 Name : The remote Fedora host is missing a security update.
File : fedora_2011-4934.nasl - Type : ACT_GATHER_INFO
2011-04-15 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2011-0412.nasl - Type : ACT_GATHER_INFO
2011-04-13 Name : The remote SuSE 11 host is missing a security update.
File : suse_11_dhcpv6-110401.nasl - Type : ACT_GATHER_INFO
2011-04-13 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_dhcp-7456.nasl - Type : ACT_GATHER_INFO
2011-04-13 Name : The remote Fedora host is missing a security update.
File : fedora_2011-4897.nasl - Type : ACT_GATHER_INFO
2011-04-12 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1108-1.nasl - Type : ACT_GATHER_INFO
2011-04-12 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2011-073.nasl - Type : ACT_GATHER_INFO
2011-04-11 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2011-0428.nasl - Type : ACT_GATHER_INFO
2011-04-11 Name : The remote SuSE 9 host is missing a security-related patch.
File : suse9_12698.nasl - Type : ACT_GATHER_INFO
2011-04-11 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_7e69f00d632a11e09f3a001d092480a4.nasl - Type : ACT_GATHER_INFO
2011-04-11 Name : The remote SuSE 9 host is missing a security-related patch.
File : suse9_12699.nasl - Type : ACT_GATHER_INFO
2011-04-11 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2217.nasl - Type : ACT_GATHER_INFO
2011-04-11 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0428.nasl - Type : ACT_GATHER_INFO
2011-04-11 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2216.nasl - Type : ACT_GATHER_INFO
2011-04-11 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_dhcp-110407.nasl - Type : ACT_GATHER_INFO
2011-04-07 Name : The remote SuSE 9 host is missing a security-related patch.
File : suse9_12696.nasl - Type : ACT_GATHER_INFO
2011-04-05 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0412.nasl - Type : ACT_GATHER_INFO
2011-04-05 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0413.nasl - Type : ACT_GATHER_INFO
2011-01-21 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_glibc-100708.nasl - Type : ACT_GATHER_INFO
2011-01-12 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1009-2.nasl - Type : ACT_GATHER_INFO
2011-01-06 Name : The remote VMware ESX host is missing one or more security-related patches.
File : vmware_VMSA-2011-0001.nasl - Type : ACT_GATHER_INFO
2010-12-02 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_glibc-101025.nasl - Type : ACT_GATHER_INFO
2010-11-16 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201011-01.nasl - Type : ACT_GATHER_INFO
2010-10-28 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_glibc-7201.nasl - Type : ACT_GATHER_INFO
2010-10-28 Name : The remote openSUSE host is missing a security update.
File : suse_11_2_glibc-101027.nasl - Type : ACT_GATHER_INFO
2010-10-28 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_glibc-101026.nasl - Type : ACT_GATHER_INFO
2010-10-24 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1009-1.nasl - Type : ACT_GATHER_INFO
2010-10-06 Name : The remote SuSE 9 host is missing a security-related patch.
File : suse9_12641.nasl - Type : ACT_GATHER_INFO
2010-07-30 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2010-112.nasl - Type : ACT_GATHER_INFO
2010-06-11 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2058.nasl - Type : ACT_GATHER_INFO
2010-06-09 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2010-111.nasl - Type : ACT_GATHER_INFO
2010-05-26 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-944-1.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
Date Informations
2016-03-05 13:26:43
  • Multiple Updates
2014-02-17 12:07:20
  • Multiple Updates
2013-11-11 12:41:40
  • Multiple Updates