Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-4790

Overview

Vulnerability Score 6.9 6.9
CVE Id CVE-2005-4790
Last Modified 11 Nov 2010 12:00:00
Published 31 Dec 2005 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity MEDIUM
Authentication NONE

CVE-2005-4790

Summary

Multiple untrusted search path vulnerabilities in SUSE Linux 9.3 and 10.0, and possibly other distributions, cause the working directory to be added to LD_LIBRARY_PATH, which might allow local users to execute arbitrary code via (1) beagle, (2) tomboy, or (3) blam. NOTE: in August 2007, the tomboy vector was reported for other distributions.

Vulnerable Systems

Operating System

  • Suse Linux 10.0

  • Suse Linux 9.3


References

FEDORA - FEDORA-2007-3792

FEDORA - FEDORA-2007-3011

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=362941

CONFIRM - https://bugzilla.gnome.org/show_bug.cgi?id=485224

XF - tomboy-ldlibrarypath-privilege-escalation(36054)

UBUNTU - USN-560-1

BID - 25341

SUSE - SUSE-SR:2005:022

MANDRIVA - MDVSA-2008:064

GENTOO - GLSA-200801-14

GENTOO - GLSA-200711-12

SECUNIA - 28672

SECUNIA - 28339

SECUNIA - 27799

SECUNIA - 27621

SECUNIA - 27608

SECUNIA - 26480

OSVDB - 39578

OSVDB - 39577

CONFIRM - http://bugs.gentoo.org/show_bug.cgi?id=199841

CONFIRM - http://bugs.gentoo.org/show_bug.cgi?id=189249

MISC - http://bugs.gentoo.org/show_bug.cgi?id=188806


Last Updated: 27 May 2016 10:41:26