Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2010-0793

Опубликовано: 25 окт. 2010
Источник: oracle-oval
Платформа: Oracle Linux 5

Описание

ELSA-2010-0793: glibc security update (IMPORTANT)

[2.5-49.el5_5.7]

  • Require suid bit on audit objects in privileged programs (#645677, CVE-2010-3856)

Обновленные пакеты

Oracle Linux 5

Oracle Linux ia64

glibc

2.5-49.el5_5.7

glibc-common

2.5-49.el5_5.7

glibc-devel

2.5-49.el5_5.7

glibc-headers

2.5-49.el5_5.7

glibc-utils

2.5-49.el5_5.7

nscd

2.5-49.el5_5.7

Oracle Linux x86_64

glibc

2.5-49.el5_5.7

glibc-common

2.5-49.el5_5.7

glibc-devel

2.5-49.el5_5.7

glibc-headers

2.5-49.el5_5.7

glibc-utils

2.5-49.el5_5.7

nscd

2.5-49.el5_5.7

Oracle Linux i386

glibc

2.5-49.el5_5.7

glibc-common

2.5-49.el5_5.7

glibc-devel

2.5-49.el5_5.7

glibc-headers

2.5-49.el5_5.7

glibc-utils

2.5-49.el5_5.7

nscd

2.5-49.el5_5.7

Связанные CVE

CVE-2010-3856

Ссылки на источники

Связанные уязвимости

ubuntu логотип

CVE-2010-3856

ubuntu
больше 14 лет назад

ld.so in the GNU C Library (aka glibc or libc6) before 2.11.3, and 2.12.x before 2.12.2, does not properly restrict use of the LD_AUDIT environment variable to reference dynamic shared objects (DSOs) as audit objects, which allows local users to gain privileges by leveraging an unsafe DSO located in a trusted library directory, as demonstrated by libpcprofile.so.

redhat логотип

CVE-2010-3856

redhat
больше 14 лет назад

ld.so in the GNU C Library (aka glibc or libc6) before 2.11.3, and 2.12.x before 2.12.2, does not properly restrict use of the LD_AUDIT environment variable to reference dynamic shared objects (DSOs) as audit objects, which allows local users to gain privileges by leveraging an unsafe DSO located in a trusted library directory, as demonstrated by libpcprofile.so.

nvd логотип

CVE-2010-3856

nvd
больше 14 лет назад

ld.so in the GNU C Library (aka glibc or libc6) before 2.11.3, and 2.12.x before 2.12.2, does not properly restrict use of the LD_AUDIT environment variable to reference dynamic shared objects (DSOs) as audit objects, which allows local users to gain privileges by leveraging an unsafe DSO located in a trusted library directory, as demonstrated by libpcprofile.so.

debian логотип

CVE-2010-3856

debian
больше 14 лет назад

ld.so in the GNU C Library (aka glibc or libc6) before 2.11.3, and 2.1 ...

github логотип

GHSA-87g4-5jq4-wvr2

github
около 3 лет назад

ld.so in the GNU C Library (aka glibc or libc6) before 2.11.3, and 2.12.x before 2.12.2, does not properly restrict use of the LD_AUDIT environment variable to reference dynamic shared objects (DSOs) as audit objects, which allows local users to gain privileges by leveraging an unsafe DSO located in a trusted library directory, as demonstrated by libpcprofile.so.