Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2010-0787

Опубликовано: 21 окт. 2010
Источник: oracle-oval
Платформа: Oracle Linux 5

Описание

ELSA-2010-0787: glibc security update (IMPORTANT)

[2.5-49.el5_5.6]

  • Never expand in privileged programs (#643818, CVE-2010-3847)

Обновленные пакеты

Oracle Linux 5

Oracle Linux ia64

glibc

2.5-49.el5_5.6

glibc-common

2.5-49.el5_5.6

glibc-devel

2.5-49.el5_5.6

glibc-headers

2.5-49.el5_5.6

glibc-utils

2.5-49.el5_5.6

nscd

2.5-49.el5_5.6

Oracle Linux x86_64

glibc

2.5-49.el5_5.6

glibc-common

2.5-49.el5_5.6

glibc-devel

2.5-49.el5_5.6

glibc-headers

2.5-49.el5_5.6

glibc-utils

2.5-49.el5_5.6

nscd

2.5-49.el5_5.6

Oracle Linux i386

glibc

2.5-49.el5_5.6

glibc-common

2.5-49.el5_5.6

glibc-devel

2.5-49.el5_5.6

glibc-headers

2.5-49.el5_5.6

glibc-utils

2.5-49.el5_5.6

nscd

2.5-49.el5_5.6

Связанные CVE

CVE-2010-3847

Ссылки на источники

Связанные уязвимости

ubuntu логотип

CVE-2010-3847

ubuntu
больше 14 лет назад

elf/dl-load.c in ld.so in the GNU C Library (aka glibc or libc6) through 2.11.2, and 2.12.x through 2.12.1, does not properly handle a value of $ORIGIN for the LD_AUDIT environment variable, which allows local users to gain privileges via a crafted dynamic shared object (DSO) located in an arbitrary directory.

redhat логотип

CVE-2010-3847

redhat
больше 14 лет назад

elf/dl-load.c in ld.so in the GNU C Library (aka glibc or libc6) through 2.11.2, and 2.12.x through 2.12.1, does not properly handle a value of $ORIGIN for the LD_AUDIT environment variable, which allows local users to gain privileges via a crafted dynamic shared object (DSO) located in an arbitrary directory.

nvd логотип

CVE-2010-3847

nvd
больше 14 лет назад

elf/dl-load.c in ld.so in the GNU C Library (aka glibc or libc6) through 2.11.2, and 2.12.x through 2.12.1, does not properly handle a value of $ORIGIN for the LD_AUDIT environment variable, which allows local users to gain privileges via a crafted dynamic shared object (DSO) located in an arbitrary directory.

debian логотип

CVE-2010-3847

debian
больше 14 лет назад

elf/dl-load.c in ld.so in the GNU C Library (aka glibc or libc6) throu ...

github логотип

GHSA-q3fw-v7x4-w8hh

github
около 3 лет назад

elf/dl-load.c in ld.so in the GNU C Library (aka glibc or libc6) through 2.11.2, and 2.12.x through 2.12.1, does not properly handle a value of $ORIGIN for the LD_AUDIT environment variable, which allows local users to gain privileges via a crafted dynamic shared object (DSO) located in an arbitrary directory.