Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-1658

Overview

Vulnerability Score 3.7 3.7
CVE Id CVE-2011-1658
Last Modified 25 Oct 2011 10:58:35
Published 08 Apr 2011 11:17:28
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity HIGH
Authentication NONE

CVE-2011-1658

Summary

ld.so in the GNU C Library (aka glibc or libc6) 2.13 and earlier expands the $ORIGIN dynamic string token when RPATH is composed entirely of this token, which might allow local users to gain privileges by creating a hard link in an arbitrary directory to a (1) setuid or (2) setgid program with this RPATH value, and then executing the program with a crafted value for the LD_PRELOAD environment variable, a different vulnerability than CVE-2010-3847 and CVE-2011-0536. NOTE: it is not expected that any standard operating-system distribution would ship an applicable setuid or setgid program.

Vulnerable Systems

Application

  • Gnu Glibc 1.00

  • Gnu Glibc 1.01

  • Gnu Glibc 1.02

  • Gnu Glibc 1.03

  • Gnu Glibc 1.04

  • Gnu Glibc 1.05

  • Gnu Glibc 1.06

  • Gnu Glibc 1.07

  • Gnu Glibc 1.08

  • Gnu Glibc 1.09

  • Gnu Glibc 1.09.1

  • Gnu Glibc 2.0

  • Gnu Glibc 2.0.1

  • Gnu Glibc 2.0.2

  • Gnu Glibc 2.0.3

  • Gnu Glibc 2.0.4

  • Gnu Glibc 2.0.5

  • Gnu Glibc 2.0.6

  • Gnu Glibc 2.1

  • Gnu Glibc 2.1.1

  • Gnu Glibc 2.1.1.6

  • Gnu Glibc 2.1.2

  • Gnu Glibc 2.1.3

  • Gnu Glibc 2.1.3.10

  • Gnu Glibc 2.1.9

  • Gnu Glibc 2.10

  • Gnu Glibc 2.10.1

  • Gnu Glibc 2.10.2

  • Gnu Glibc 2.11

  • Gnu Glibc 2.11.1

  • Gnu Glibc 2.11.2

  • Gnu Glibc 2.11.3

  • Gnu Glibc 2.12.0

  • Gnu Glibc 2.12.1

  • Gnu Glibc 2.12.2

  • Gnu Glibc 2.13

  • Gnu Glibc 2.2

  • Gnu Glibc 2.2.1

  • Gnu Glibc 2.2.2

  • Gnu Glibc 2.2.3

  • Gnu Glibc 2.2.4

  • Gnu Glibc 2.2.5

  • Gnu Glibc 2.3

  • Gnu Glibc 2.3.1

  • Gnu Glibc 2.3.10

  • Gnu Glibc 2.3.2

  • Gnu Glibc 2.3.3

  • Gnu Glibc 2.3.4

  • Gnu Glibc 2.3.5

  • Gnu Glibc 2.3.6

  • Gnu Glibc 2.4

  • Gnu Glibc 2.5

  • Gnu Glibc 2.5.1

  • Gnu Glibc 2.6

  • Gnu Glibc 2.6.1

  • Gnu Glibc 2.7

  • Gnu Glibc 2.8

  • Gnu Glibc 2.9


References

MISC - https://bugzilla.redhat.com/show_bug.cgi?id=667974

MISC - http://sourceware.org/bugzilla/show_bug.cgi?id=12393

XF - gnuclibrary-ldso-priv-esc(66820)

CONFIRM - http://www.vmware.com/security/advisories/VMSA-2011-0012.html

BUGTRAQ - 20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console

SECUNIA - 46397


Last Updated: 27 May 2016 10:56:24