ID REDHAT-RHSA-2012-0126.NASL Type nessus Reporter Tenable Modified 2018-02-05T00:00:00
Description
Updated glibc packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5.
The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
The glibc packages contain the standard C libraries used by multiple programs on the system. These packages contain the standard C and the standard math libraries. Without these two libraries, a Linux system cannot function properly.
An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way the glibc library read timezone files. If a carefully-crafted timezone file was loaded by an application linked against glibc, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2009-5029)
A flaw was found in the way the ldd utility identified dynamically linked libraries. If an attacker could trick a user into running ldd on a malicious binary, it could result in arbitrary code execution with the privileges of the user running ldd. (CVE-2009-5064)
An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way the glibc library loaded ELF (Executable and Linking Format) files. If a carefully-crafted ELF file was loaded by an application linked against glibc, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2010-0830)
It was found that the glibc addmntent() function, used by various mount helper utilities, did not handle certain errors correctly when updating the mtab (mounted file systems table) file. If such utilities had the setuid bit set, a local attacker could use this flaw to corrupt the mtab file. (CVE-2011-1089)
A denial of service flaw was found in the remote procedure call (RPC) implementation in glibc. A remote attacker able to open a large number of connections to an RPC service that is using the RPC implementation from glibc, could use this flaw to make that service use an excessive amount of CPU time. (CVE-2011-4609)
Red Hat would like to thank the Ubuntu Security Team for reporting CVE-2010-0830, and Dan Rosenberg for reporting CVE-2011-1089. The Ubuntu Security Team acknowledges Dan Rosenberg as the original reporter of CVE-2010-0830.
Users should upgrade to these updated packages, which resolve these issues.
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Red Hat Security Advisory RHSA-2012:0126. The text
# itself is copyright (C) Red Hat, Inc.
#
include("compat.inc");
if (description)
{
script_id(57929);
script_version ("$Revision: 1.13 $");
script_cvs_date("$Date: 2018/02/05 14:47:53 $");
script_cve_id("CVE-2009-5029", "CVE-2009-5064", "CVE-2010-0830", "CVE-2011-1089", "CVE-2011-4609");
script_bugtraq_id(40063, 46740, 50898, 51439);
script_osvdb_id(65077, 74278, 74883, 77508, 78316);
script_xref(name:"RHSA", value:"2012:0126");
script_name(english:"RHEL 5 : glibc (RHSA-2012:0126)");
script_summary(english:"Checks the rpm output for the updated packages");
script_set_attribute(
attribute:"synopsis",
value:"The remote Red Hat host is missing one or more security updates."
);
script_set_attribute(
attribute:"description",
value:
"Updated glibc packages that fix multiple security issues are now
available for Red Hat Enterprise Linux 5.
The Red Hat Security Response Team has rated this update as having
moderate security impact. Common Vulnerability Scoring System (CVSS)
base scores, which give detailed severity ratings, are available for
each vulnerability from the CVE links in the References section.
The glibc packages contain the standard C libraries used by multiple
programs on the system. These packages contain the standard C and the
standard math libraries. Without these two libraries, a Linux system
cannot function properly.
An integer overflow flaw, leading to a heap-based buffer overflow, was
found in the way the glibc library read timezone files. If a
carefully-crafted timezone file was loaded by an application linked
against glibc, it could cause the application to crash or,
potentially, execute arbitrary code with the privileges of the user
running the application. (CVE-2009-5029)
A flaw was found in the way the ldd utility identified dynamically
linked libraries. If an attacker could trick a user into running ldd
on a malicious binary, it could result in arbitrary code execution
with the privileges of the user running ldd. (CVE-2009-5064)
An integer overflow flaw, leading to a heap-based buffer overflow, was
found in the way the glibc library loaded ELF (Executable and Linking
Format) files. If a carefully-crafted ELF file was loaded by an
application linked against glibc, it could cause the application to
crash or, potentially, execute arbitrary code with the privileges of
the user running the application. (CVE-2010-0830)
It was found that the glibc addmntent() function, used by various
mount helper utilities, did not handle certain errors correctly when
updating the mtab (mounted file systems table) file. If such utilities
had the setuid bit set, a local attacker could use this flaw to
corrupt the mtab file. (CVE-2011-1089)
A denial of service flaw was found in the remote procedure call (RPC)
implementation in glibc. A remote attacker able to open a large number
of connections to an RPC service that is using the RPC implementation
from glibc, could use this flaw to make that service use an excessive
amount of CPU time. (CVE-2011-4609)
Red Hat would like to thank the Ubuntu Security Team for reporting
CVE-2010-0830, and Dan Rosenberg for reporting CVE-2011-1089. The
Ubuntu Security Team acknowledges Dan Rosenberg as the original
reporter of CVE-2010-0830.
Users should upgrade to these updated packages, which resolve these
issues."
);
script_set_attribute(
attribute:"see_also",
value:"https://www.redhat.com/security/data/cve/CVE-2009-5029.html"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.redhat.com/security/data/cve/CVE-2009-5064.html"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.redhat.com/security/data/cve/CVE-2010-0830.html"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.redhat.com/security/data/cve/CVE-2011-1089.html"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.redhat.com/security/data/cve/CVE-2011-4609.html"
);
script_set_attribute(
attribute:"see_also",
value:"http://rhn.redhat.com/errata/RHSA-2012-0126.html"
);
script_set_attribute(attribute:"solution", value:"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:ND");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glibc");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glibc-common");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glibc-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glibc-headers");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:glibc-utils");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:nscd");
script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:5");
script_set_attribute(attribute:"patch_publication_date", value:"2012/02/13");
script_set_attribute(attribute:"plugin_publication_date", value:"2012/02/14");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.");
script_family(english:"Red Hat Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
os_ver = eregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
os_ver = os_ver[1];
if (! ereg(pattern:"^5([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 5.x", "Red Hat " + os_ver);
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
if (!empty_or_null(yum_updateinfo))
{
rhsa = "RHSA-2012:0126";
yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
if (!empty_or_null(yum_report))
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : yum_report
);
exit(0);
}
else
{
audit_message = "affected by Red Hat security advisory " + rhsa;
audit(AUDIT_OS_NOT, audit_message);
}
}
else
{
flag = 0;
if (rpm_check(release:"RHEL5", reference:"glibc-2.5-65.el5_7.3")) flag++;
if (rpm_check(release:"RHEL5", cpu:"i386", reference:"glibc-common-2.5-65.el5_7.3")) flag++;
if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"glibc-common-2.5-65.el5_7.3")) flag++;
if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"glibc-common-2.5-65.el5_7.3")) flag++;
if (rpm_check(release:"RHEL5", reference:"glibc-devel-2.5-65.el5_7.3")) flag++;
if (rpm_check(release:"RHEL5", cpu:"i386", reference:"glibc-headers-2.5-65.el5_7.3")) flag++;
if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"glibc-headers-2.5-65.el5_7.3")) flag++;
if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"glibc-headers-2.5-65.el5_7.3")) flag++;
if (rpm_check(release:"RHEL5", cpu:"i386", reference:"glibc-utils-2.5-65.el5_7.3")) flag++;
if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"glibc-utils-2.5-65.el5_7.3")) flag++;
if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"glibc-utils-2.5-65.el5_7.3")) flag++;
if (rpm_check(release:"RHEL5", cpu:"i386", reference:"nscd-2.5-65.el5_7.3")) flag++;
if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"nscd-2.5-65.el5_7.3")) flag++;
if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"nscd-2.5-65.el5_7.3")) flag++;
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : rpm_report_get() + redhat_report_package_caveat()
);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "glibc / glibc-common / glibc-devel / glibc-headers / glibc-utils / etc");
}
}
{"published": "2012-02-14T00:00:00", "id": "REDHAT-RHSA-2012-0126.NASL", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "history": [{"differentElements": ["cpe"], "edition": 2, "lastseen": "2017-01-06T02:13:35", "bulletin": {"enchantments": {}, "published": "2012-02-14T00:00:00", "id": "REDHAT-RHSA-2012-0126.NASL", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "history": [], "cpe": [], "hash": "57256a06970130ee99a880d5212a24834b5d28d3904011b0cf2ef9f65b9862a2", "description": "Updated glibc packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe glibc packages contain the standard C libraries used by multiple programs on the system. These packages contain the standard C and the standard math libraries. Without these two libraries, a Linux system cannot function properly.\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was found in the way the glibc library read timezone files. If a carefully-crafted timezone file was loaded by an application linked against glibc, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2009-5029)\n\nA flaw was found in the way the ldd utility identified dynamically linked libraries. If an attacker could trick a user into running ldd on a malicious binary, it could result in arbitrary code execution with the privileges of the user running ldd. (CVE-2009-5064)\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was found in the way the glibc library loaded ELF (Executable and Linking Format) files. If a carefully-crafted ELF file was loaded by an application linked against glibc, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2010-0830)\n\nIt was found that the glibc addmntent() function, used by various mount helper utilities, did not handle certain errors correctly when updating the mtab (mounted file systems table) file. If such utilities had the setuid bit set, a local attacker could use this flaw to corrupt the mtab file. (CVE-2011-1089)\n\nA denial of service flaw was found in the remote procedure call (RPC) implementation in glibc. A remote attacker able to open a large number of connections to an RPC service that is using the RPC implementation from glibc, could use this flaw to make that service use an excessive amount of CPU time. (CVE-2011-4609)\n\nRed Hat would like to thank the Ubuntu Security Team for reporting CVE-2010-0830, and Dan Rosenberg for reporting CVE-2011-1089. The Ubuntu Security Team acknowledges Dan Rosenberg as the original reporter of CVE-2010-0830.\n\nUsers should upgrade to these updated packages, which resolve these issues.", "type": "nessus", "pluginID": "57929", "lastseen": "2017-01-06T02:13:35", "edition": 2, "title": "RHEL 5 : glibc (RHSA-2012:0126)", "href": "https://www.tenable.com/plugins/index.php?view=single&id=57929", "modified": "2017-01-05T00:00:00", "bulletinFamily": "scanner", "viewCount": 6, "cvelist": ["CVE-2011-4609", "CVE-2010-0830", "CVE-2009-5029", "CVE-2011-1089", "CVE-2009-5064"], "references": ["http://rhn.redhat.com/errata/RHSA-2012-0126.html", "https://www.redhat.com/security/data/cve/CVE-2011-4609.html", "https://www.redhat.com/security/data/cve/CVE-2011-1089.html", "https://www.redhat.com/security/data/cve/CVE-2010-0830.html", "https://www.redhat.com/security/data/cve/CVE-2009-5029.html", "https://www.redhat.com/security/data/cve/CVE-2009-5064.html"], "naslFamily": "Red Hat Local Security Checks", "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:0126. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(57929);\n script_version (\"$Revision: 1.12 $\");\n script_cvs_date(\"$Date: 2017/01/05 16:04:21 $\");\n\n script_cve_id(\"CVE-2009-5029\", \"CVE-2009-5064\", \"CVE-2010-0830\", \"CVE-2011-1089\", \"CVE-2011-4609\");\n script_bugtraq_id(40063, 46740, 50898, 51439);\n script_osvdb_id(65077, 74278, 74883, 77508, 78316);\n script_xref(name:\"RHSA\", value:\"2012:0126\");\n\n script_name(english:\"RHEL 5 : glibc (RHSA-2012:0126)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated glibc packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe glibc packages contain the standard C libraries used by multiple\nprograms on the system. These packages contain the standard C and the\nstandard math libraries. Without these two libraries, a Linux system\ncannot function properly.\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was\nfound in the way the glibc library read timezone files. If a\ncarefully-crafted timezone file was loaded by an application linked\nagainst glibc, it could cause the application to crash or,\npotentially, execute arbitrary code with the privileges of the user\nrunning the application. (CVE-2009-5029)\n\nA flaw was found in the way the ldd utility identified dynamically\nlinked libraries. If an attacker could trick a user into running ldd\non a malicious binary, it could result in arbitrary code execution\nwith the privileges of the user running ldd. (CVE-2009-5064)\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was\nfound in the way the glibc library loaded ELF (Executable and Linking\nFormat) files. If a carefully-crafted ELF file was loaded by an\napplication linked against glibc, it could cause the application to\ncrash or, potentially, execute arbitrary code with the privileges of\nthe user running the application. (CVE-2010-0830)\n\nIt was found that the glibc addmntent() function, used by various\nmount helper utilities, did not handle certain errors correctly when\nupdating the mtab (mounted file systems table) file. If such utilities\nhad the setuid bit set, a local attacker could use this flaw to\ncorrupt the mtab file. (CVE-2011-1089)\n\nA denial of service flaw was found in the remote procedure call (RPC)\nimplementation in glibc. A remote attacker able to open a large number\nof connections to an RPC service that is using the RPC implementation\nfrom glibc, could use this flaw to make that service use an excessive\namount of CPU time. (CVE-2011-4609)\n\nRed Hat would like to thank the Ubuntu Security Team for reporting\nCVE-2010-0830, and Dan Rosenberg for reporting CVE-2011-1089. The\nUbuntu Security Team acknowledges Dan Rosenberg as the original\nreporter of CVE-2010-0830.\n\nUsers should upgrade to these updated packages, which resolve these\nissues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2009-5029.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2009-5064.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2010-0830.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2011-1089.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2011-4609.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://rhn.redhat.com/errata/RHSA-2012-0126.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glibc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glibc-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glibc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glibc-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glibc-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nscd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/02/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/02/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2017 Tenable Network Security, Inc.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2012:0126\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", reference:\"glibc-2.5-65.el5_7.3\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"glibc-common-2.5-65.el5_7.3\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"glibc-common-2.5-65.el5_7.3\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"glibc-common-2.5-65.el5_7.3\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"glibc-devel-2.5-65.el5_7.3\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"glibc-headers-2.5-65.el5_7.3\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"glibc-headers-2.5-65.el5_7.3\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"glibc-headers-2.5-65.el5_7.3\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"glibc-utils-2.5-65.el5_7.3\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"glibc-utils-2.5-65.el5_7.3\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"glibc-utils-2.5-65.el5_7.3\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"nscd-2.5-65.el5_7.3\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"nscd-2.5-65.el5_7.3\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"nscd-2.5-65.el5_7.3\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"glibc / glibc-common / glibc-devel / glibc-headers / glibc-utils / etc\");\n }\n}\n", "hashmap": [{"hash": "5a5a54611766f3da3ce3cb528f3027a4", "key": "references"}, {"hash": "b7f00b70496e4f2268229628988b3711", "key": "sourceData"}, {"hash": "369eb856f7dc4cfd31b9acc3c0811267", "key": "modified"}, {"hash": "6f8115c44826ba13de903bb0d26a7d5b", "key": "cvelist"}, {"hash": "7962711bd7650e97eb287d800fd6fd3a", "key": "description"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "2c579aa4e476f52de92baf9b41b1db07", "key": "title"}, {"hash": "7c885de43ac8c8fec677c5a50f1ca9e9", "key": "published"}, {"hash": "3b4231700df65bd1e280187eabbb0395", "key": "pluginID"}, {"hash": "e8bafdc9ad5c6f47fe1e6e5fd509b7a9", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "c4f16ed276157b63b39f28c10395355d", "key": "href"}, {"hash": "b46559ea68ec9a13474c3a7776817cfd", "key": "naslFamily"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}], "objectVersion": "1.2"}}, {"differentElements": ["modified", "sourceData"], "edition": 1, "lastseen": "2016-09-26T17:23:08", "bulletin": {"published": "2012-02-14T00:00:00", "id": "REDHAT-RHSA-2012-0126.NASL", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "history": [], "hash": "f0c1c20f29d3a9c25f7e64d6bdfdf872ab70189d5de703b086bf089067ac5a0c", "description": "Updated glibc packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe glibc packages contain the standard C libraries used by multiple programs on the system. These packages contain the standard C and the standard math libraries. Without these two libraries, a Linux system cannot function properly.\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was found in the way the glibc library read timezone files. If a carefully-crafted timezone file was loaded by an application linked against glibc, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2009-5029)\n\nA flaw was found in the way the ldd utility identified dynamically linked libraries. If an attacker could trick a user into running ldd on a malicious binary, it could result in arbitrary code execution with the privileges of the user running ldd. (CVE-2009-5064)\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was found in the way the glibc library loaded ELF (Executable and Linking Format) files. If a carefully-crafted ELF file was loaded by an application linked against glibc, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2010-0830)\n\nIt was found that the glibc addmntent() function, used by various mount helper utilities, did not handle certain errors correctly when updating the mtab (mounted file systems table) file. If such utilities had the setuid bit set, a local attacker could use this flaw to corrupt the mtab file. (CVE-2011-1089)\n\nA denial of service flaw was found in the remote procedure call (RPC) implementation in glibc. A remote attacker able to open a large number of connections to an RPC service that is using the RPC implementation from glibc, could use this flaw to make that service use an excessive amount of CPU time. (CVE-2011-4609)\n\nRed Hat would like to thank the Ubuntu Security Team for reporting CVE-2010-0830, and Dan Rosenberg for reporting CVE-2011-1089. The Ubuntu Security Team acknowledges Dan Rosenberg as the original reporter of CVE-2010-0830.\n\nUsers should upgrade to these updated packages, which resolve these issues.", "type": "nessus", "pluginID": "57929", "lastseen": "2016-09-26T17:23:08", "edition": 1, "title": "RHEL 5 : glibc (RHSA-2012:0126)", "href": "https://www.tenable.com/plugins/index.php?view=single&id=57929", "modified": "2014-11-17T00:00:00", "bulletinFamily": "exploit", "viewCount": 0, "cvelist": ["CVE-2011-4609", "CVE-2010-0830", "CVE-2009-5029", "CVE-2011-1089", "CVE-2009-5064"], "references": ["http://rhn.redhat.com/errata/RHSA-2012-0126.html", "https://www.redhat.com/security/data/cve/CVE-2011-4609.html", "https://www.redhat.com/security/data/cve/CVE-2011-1089.html", "https://www.redhat.com/security/data/cve/CVE-2010-0830.html", "https://www.redhat.com/security/data/cve/CVE-2009-5029.html", "https://www.redhat.com/security/data/cve/CVE-2009-5064.html"], "naslFamily": "Red Hat Local Security Checks", "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:0126. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(57929);\n script_version (\"$Revision: 1.11 $\");\n script_cvs_date(\"$Date: 2014/11/17 20:04:01 $\");\n\n script_cve_id(\"CVE-2009-5029\", \"CVE-2009-5064\", \"CVE-2010-0830\", \"CVE-2011-1089\", \"CVE-2011-4609\");\n script_bugtraq_id(40063, 46740, 50898, 51439);\n script_osvdb_id(65077, 74278, 74883, 77508, 78316);\n script_xref(name:\"RHSA\", value:\"2012:0126\");\n\n script_name(english:\"RHEL 5 : glibc (RHSA-2012:0126)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated glibc packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe glibc packages contain the standard C libraries used by multiple\nprograms on the system. These packages contain the standard C and the\nstandard math libraries. Without these two libraries, a Linux system\ncannot function properly.\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was\nfound in the way the glibc library read timezone files. If a\ncarefully-crafted timezone file was loaded by an application linked\nagainst glibc, it could cause the application to crash or,\npotentially, execute arbitrary code with the privileges of the user\nrunning the application. (CVE-2009-5029)\n\nA flaw was found in the way the ldd utility identified dynamically\nlinked libraries. If an attacker could trick a user into running ldd\non a malicious binary, it could result in arbitrary code execution\nwith the privileges of the user running ldd. (CVE-2009-5064)\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was\nfound in the way the glibc library loaded ELF (Executable and Linking\nFormat) files. If a carefully-crafted ELF file was loaded by an\napplication linked against glibc, it could cause the application to\ncrash or, potentially, execute arbitrary code with the privileges of\nthe user running the application. (CVE-2010-0830)\n\nIt was found that the glibc addmntent() function, used by various\nmount helper utilities, did not handle certain errors correctly when\nupdating the mtab (mounted file systems table) file. If such utilities\nhad the setuid bit set, a local attacker could use this flaw to\ncorrupt the mtab file. (CVE-2011-1089)\n\nA denial of service flaw was found in the remote procedure call (RPC)\nimplementation in glibc. A remote attacker able to open a large number\nof connections to an RPC service that is using the RPC implementation\nfrom glibc, could use this flaw to make that service use an excessive\namount of CPU time. (CVE-2011-4609)\n\nRed Hat would like to thank the Ubuntu Security Team for reporting\nCVE-2010-0830, and Dan Rosenberg for reporting CVE-2011-1089. The\nUbuntu Security Team acknowledges Dan Rosenberg as the original\nreporter of CVE-2010-0830.\n\nUsers should upgrade to these updated packages, which resolve these\nissues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2009-5029.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2009-5064.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2010-0830.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2011-1089.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2011-4609.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://rhn.redhat.com/errata/RHSA-2012-0126.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glibc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glibc-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glibc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glibc-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glibc-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nscd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/02/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/02/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2014 Tenable Network Security, Inc.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"RHEL5\", reference:\"glibc-2.5-65.el5_7.3\")) flag++;\nif (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"glibc-common-2.5-65.el5_7.3\")) flag++;\nif (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"glibc-common-2.5-65.el5_7.3\")) flag++;\nif (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"glibc-common-2.5-65.el5_7.3\")) flag++;\nif (rpm_check(release:\"RHEL5\", reference:\"glibc-devel-2.5-65.el5_7.3\")) flag++;\nif (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"glibc-headers-2.5-65.el5_7.3\")) flag++;\nif (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"glibc-headers-2.5-65.el5_7.3\")) flag++;\nif (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"glibc-headers-2.5-65.el5_7.3\")) flag++;\nif (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"glibc-utils-2.5-65.el5_7.3\")) flag++;\nif (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"glibc-utils-2.5-65.el5_7.3\")) flag++;\nif (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"glibc-utils-2.5-65.el5_7.3\")) flag++;\nif (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"nscd-2.5-65.el5_7.3\")) flag++;\nif (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"nscd-2.5-65.el5_7.3\")) flag++;\nif (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"nscd-2.5-65.el5_7.3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"glibc / glibc-common / glibc-devel / glibc-headers / glibc-utils / etc\");\n}\n", "hashmap": [{"hash": "ad75a1683f957f79029a294f280f3834", "key": "sourceData"}, {"hash": "5a5a54611766f3da3ce3cb528f3027a4", "key": "references"}, {"hash": "708697c63f7eb369319c6523380bdf7a", "key": "bulletinFamily"}, {"hash": "6f8115c44826ba13de903bb0d26a7d5b", "key": "cvelist"}, {"hash": "7962711bd7650e97eb287d800fd6fd3a", "key": "description"}, {"hash": "56765472680401499c79732468ba4340", "key": "objectVersion"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "2c579aa4e476f52de92baf9b41b1db07", "key": "title"}, {"hash": "7c885de43ac8c8fec677c5a50f1ca9e9", "key": "published"}, {"hash": "3b4231700df65bd1e280187eabbb0395", "key": "pluginID"}, {"hash": "e8bafdc9ad5c6f47fe1e6e5fd509b7a9", "key": "cvss"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "de38beaee21e66bc5dbf54f5a2409885", "key": "modified"}, {"hash": "c4f16ed276157b63b39f28c10395355d", "key": "href"}, {"hash": "b46559ea68ec9a13474c3a7776817cfd", "key": "naslFamily"}], "objectVersion": "1.2"}}, {"differentElements": ["modified", "sourceData"], "edition": 3, "lastseen": "2017-10-29T13:33:18", "bulletin": {"enchantments": {"score": {"value": 6.9, "modified": "2017-10-29T13:33:18"}}, "published": "2012-02-14T00:00:00", "id": "REDHAT-RHSA-2012-0126.NASL", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "history": [], "cpe": ["cpe:/o:redhat:enterprise_linux:5", "p-cpe:/a:redhat:enterprise_linux:glibc-utils", "p-cpe:/a:redhat:enterprise_linux:glibc", "p-cpe:/a:redhat:enterprise_linux:glibc-common", "p-cpe:/a:redhat:enterprise_linux:glibc-devel", "p-cpe:/a:redhat:enterprise_linux:nscd", "p-cpe:/a:redhat:enterprise_linux:glibc-headers"], "hash": "ac5caa4623a6837410dc5754ac7267ce4e0615b9818ccfa656c6599ea90db332", "description": "Updated glibc packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe glibc packages contain the standard C libraries used by multiple programs on the system. These packages contain the standard C and the standard math libraries. Without these two libraries, a Linux system cannot function properly.\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was found in the way the glibc library read timezone files. If a carefully-crafted timezone file was loaded by an application linked against glibc, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2009-5029)\n\nA flaw was found in the way the ldd utility identified dynamically linked libraries. If an attacker could trick a user into running ldd on a malicious binary, it could result in arbitrary code execution with the privileges of the user running ldd. (CVE-2009-5064)\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was found in the way the glibc library loaded ELF (Executable and Linking Format) files. If a carefully-crafted ELF file was loaded by an application linked against glibc, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2010-0830)\n\nIt was found that the glibc addmntent() function, used by various mount helper utilities, did not handle certain errors correctly when updating the mtab (mounted file systems table) file. If such utilities had the setuid bit set, a local attacker could use this flaw to corrupt the mtab file. (CVE-2011-1089)\n\nA denial of service flaw was found in the remote procedure call (RPC) implementation in glibc. A remote attacker able to open a large number of connections to an RPC service that is using the RPC implementation from glibc, could use this flaw to make that service use an excessive amount of CPU time. (CVE-2011-4609)\n\nRed Hat would like to thank the Ubuntu Security Team for reporting CVE-2010-0830, and Dan Rosenberg for reporting CVE-2011-1089. The Ubuntu Security Team acknowledges Dan Rosenberg as the original reporter of CVE-2010-0830.\n\nUsers should upgrade to these updated packages, which resolve these issues.", "type": "nessus", "pluginID": "57929", "lastseen": "2017-10-29T13:33:18", "edition": 3, "title": "RHEL 5 : glibc (RHSA-2012:0126)", "href": "https://www.tenable.com/plugins/index.php?view=single&id=57929", "modified": "2017-01-05T00:00:00", "bulletinFamily": "scanner", "viewCount": 6, "cvelist": ["CVE-2011-4609", "CVE-2010-0830", "CVE-2009-5029", "CVE-2011-1089", "CVE-2009-5064"], "references": ["http://rhn.redhat.com/errata/RHSA-2012-0126.html", "https://www.redhat.com/security/data/cve/CVE-2011-4609.html", "https://www.redhat.com/security/data/cve/CVE-2011-1089.html", "https://www.redhat.com/security/data/cve/CVE-2010-0830.html", "https://www.redhat.com/security/data/cve/CVE-2009-5029.html", "https://www.redhat.com/security/data/cve/CVE-2009-5064.html"], "naslFamily": "Red Hat Local Security Checks", "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:0126. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(57929);\n script_version (\"$Revision: 1.12 $\");\n script_cvs_date(\"$Date: 2017/01/05 16:04:21 $\");\n\n script_cve_id(\"CVE-2009-5029\", \"CVE-2009-5064\", \"CVE-2010-0830\", \"CVE-2011-1089\", \"CVE-2011-4609\");\n script_bugtraq_id(40063, 46740, 50898, 51439);\n script_osvdb_id(65077, 74278, 74883, 77508, 78316);\n script_xref(name:\"RHSA\", value:\"2012:0126\");\n\n script_name(english:\"RHEL 5 : glibc (RHSA-2012:0126)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated glibc packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe glibc packages contain the standard C libraries used by multiple\nprograms on the system. These packages contain the standard C and the\nstandard math libraries. Without these two libraries, a Linux system\ncannot function properly.\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was\nfound in the way the glibc library read timezone files. If a\ncarefully-crafted timezone file was loaded by an application linked\nagainst glibc, it could cause the application to crash or,\npotentially, execute arbitrary code with the privileges of the user\nrunning the application. (CVE-2009-5029)\n\nA flaw was found in the way the ldd utility identified dynamically\nlinked libraries. If an attacker could trick a user into running ldd\non a malicious binary, it could result in arbitrary code execution\nwith the privileges of the user running ldd. (CVE-2009-5064)\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was\nfound in the way the glibc library loaded ELF (Executable and Linking\nFormat) files. If a carefully-crafted ELF file was loaded by an\napplication linked against glibc, it could cause the application to\ncrash or, potentially, execute arbitrary code with the privileges of\nthe user running the application. (CVE-2010-0830)\n\nIt was found that the glibc addmntent() function, used by various\nmount helper utilities, did not handle certain errors correctly when\nupdating the mtab (mounted file systems table) file. If such utilities\nhad the setuid bit set, a local attacker could use this flaw to\ncorrupt the mtab file. (CVE-2011-1089)\n\nA denial of service flaw was found in the remote procedure call (RPC)\nimplementation in glibc. A remote attacker able to open a large number\nof connections to an RPC service that is using the RPC implementation\nfrom glibc, could use this flaw to make that service use an excessive\namount of CPU time. (CVE-2011-4609)\n\nRed Hat would like to thank the Ubuntu Security Team for reporting\nCVE-2010-0830, and Dan Rosenberg for reporting CVE-2011-1089. The\nUbuntu Security Team acknowledges Dan Rosenberg as the original\nreporter of CVE-2010-0830.\n\nUsers should upgrade to these updated packages, which resolve these\nissues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2009-5029.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2009-5064.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2010-0830.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2011-1089.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2011-4609.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://rhn.redhat.com/errata/RHSA-2012-0126.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glibc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glibc-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glibc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glibc-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glibc-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nscd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/02/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/02/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2017 Tenable Network Security, Inc.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2012:0126\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", reference:\"glibc-2.5-65.el5_7.3\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"glibc-common-2.5-65.el5_7.3\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"glibc-common-2.5-65.el5_7.3\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"glibc-common-2.5-65.el5_7.3\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"glibc-devel-2.5-65.el5_7.3\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"glibc-headers-2.5-65.el5_7.3\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"glibc-headers-2.5-65.el5_7.3\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"glibc-headers-2.5-65.el5_7.3\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"glibc-utils-2.5-65.el5_7.3\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"glibc-utils-2.5-65.el5_7.3\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"glibc-utils-2.5-65.el5_7.3\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"nscd-2.5-65.el5_7.3\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"nscd-2.5-65.el5_7.3\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"nscd-2.5-65.el5_7.3\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"glibc / glibc-common / glibc-devel / glibc-headers / glibc-utils / etc\");\n }\n}\n", "hashmap": [{"hash": "5a5a54611766f3da3ce3cb528f3027a4", "key": "references"}, {"hash": "b7f00b70496e4f2268229628988b3711", "key": "sourceData"}, {"hash": "ae0665ae2f88d638e0907d932dfcc493", "key": "cpe"}, {"hash": "369eb856f7dc4cfd31b9acc3c0811267", "key": "modified"}, {"hash": "6f8115c44826ba13de903bb0d26a7d5b", "key": "cvelist"}, {"hash": "7962711bd7650e97eb287d800fd6fd3a", "key": "description"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "2c579aa4e476f52de92baf9b41b1db07", "key": "title"}, {"hash": "7c885de43ac8c8fec677c5a50f1ca9e9", "key": "published"}, {"hash": "3b4231700df65bd1e280187eabbb0395", "key": "pluginID"}, {"hash": "e8bafdc9ad5c6f47fe1e6e5fd509b7a9", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "c4f16ed276157b63b39f28c10395355d", "key": "href"}, {"hash": "b46559ea68ec9a13474c3a7776817cfd", "key": "naslFamily"}], "objectVersion": "1.3"}}], "description": "Updated glibc packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe glibc packages contain the standard C libraries used by multiple programs on the system. These packages contain the standard C and the standard math libraries. Without these two libraries, a Linux system cannot function properly.\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was found in the way the glibc library read timezone files. If a carefully-crafted timezone file was loaded by an application linked against glibc, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2009-5029)\n\nA flaw was found in the way the ldd utility identified dynamically linked libraries. If an attacker could trick a user into running ldd on a malicious binary, it could result in arbitrary code execution with the privileges of the user running ldd. (CVE-2009-5064)\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was found in the way the glibc library loaded ELF (Executable and Linking Format) files. If a carefully-crafted ELF file was loaded by an application linked against glibc, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2010-0830)\n\nIt was found that the glibc addmntent() function, used by various mount helper utilities, did not handle certain errors correctly when updating the mtab (mounted file systems table) file. If such utilities had the setuid bit set, a local attacker could use this flaw to corrupt the mtab file. (CVE-2011-1089)\n\nA denial of service flaw was found in the remote procedure call (RPC) implementation in glibc. A remote attacker able to open a large number of connections to an RPC service that is using the RPC implementation from glibc, could use this flaw to make that service use an excessive amount of CPU time. (CVE-2011-4609)\n\nRed Hat would like to thank the Ubuntu Security Team for reporting CVE-2010-0830, and Dan Rosenberg for reporting CVE-2011-1089. The Ubuntu Security Team acknowledges Dan Rosenberg as the original reporter of CVE-2010-0830.\n\nUsers should upgrade to these updated packages, which resolve these issues.", "hash": "7ea5745f2768c008b8db4a80ab53f8e28768b1d6da8d64c140f4063efede077e", "enchantments": {"vulnersScore": 7.2}, "type": "nessus", "pluginID": "57929", "lastseen": "2018-02-05T22:54:59", "edition": 4, "cpe": ["cpe:/o:redhat:enterprise_linux:5", "p-cpe:/a:redhat:enterprise_linux:glibc-utils", "p-cpe:/a:redhat:enterprise_linux:glibc", "p-cpe:/a:redhat:enterprise_linux:glibc-common", "p-cpe:/a:redhat:enterprise_linux:glibc-devel", "p-cpe:/a:redhat:enterprise_linux:nscd", "p-cpe:/a:redhat:enterprise_linux:glibc-headers"], "title": "RHEL 5 : glibc (RHSA-2012:0126)", "href": "https://www.tenable.com/plugins/index.php?view=single&id=57929", "modified": "2018-02-05T00:00:00", "bulletinFamily": "scanner", "viewCount": 6, "cvelist": ["CVE-2011-4609", "CVE-2010-0830", "CVE-2009-5029", "CVE-2011-1089", "CVE-2009-5064"], "references": ["http://rhn.redhat.com/errata/RHSA-2012-0126.html", "https://www.redhat.com/security/data/cve/CVE-2011-4609.html", "https://www.redhat.com/security/data/cve/CVE-2011-1089.html", "https://www.redhat.com/security/data/cve/CVE-2010-0830.html", "https://www.redhat.com/security/data/cve/CVE-2009-5029.html", "https://www.redhat.com/security/data/cve/CVE-2009-5064.html"], "naslFamily": "Red Hat Local Security Checks", "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:0126. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(57929);\n script_version (\"$Revision: 1.13 $\");\n script_cvs_date(\"$Date: 2018/02/05 14:47:53 $\");\n\n script_cve_id(\"CVE-2009-5029\", \"CVE-2009-5064\", \"CVE-2010-0830\", \"CVE-2011-1089\", \"CVE-2011-4609\");\n script_bugtraq_id(40063, 46740, 50898, 51439);\n script_osvdb_id(65077, 74278, 74883, 77508, 78316);\n script_xref(name:\"RHSA\", value:\"2012:0126\");\n\n script_name(english:\"RHEL 5 : glibc (RHSA-2012:0126)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated glibc packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe glibc packages contain the standard C libraries used by multiple\nprograms on the system. These packages contain the standard C and the\nstandard math libraries. Without these two libraries, a Linux system\ncannot function properly.\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was\nfound in the way the glibc library read timezone files. If a\ncarefully-crafted timezone file was loaded by an application linked\nagainst glibc, it could cause the application to crash or,\npotentially, execute arbitrary code with the privileges of the user\nrunning the application. (CVE-2009-5029)\n\nA flaw was found in the way the ldd utility identified dynamically\nlinked libraries. If an attacker could trick a user into running ldd\non a malicious binary, it could result in arbitrary code execution\nwith the privileges of the user running ldd. (CVE-2009-5064)\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was\nfound in the way the glibc library loaded ELF (Executable and Linking\nFormat) files. If a carefully-crafted ELF file was loaded by an\napplication linked against glibc, it could cause the application to\ncrash or, potentially, execute arbitrary code with the privileges of\nthe user running the application. (CVE-2010-0830)\n\nIt was found that the glibc addmntent() function, used by various\nmount helper utilities, did not handle certain errors correctly when\nupdating the mtab (mounted file systems table) file. If such utilities\nhad the setuid bit set, a local attacker could use this flaw to\ncorrupt the mtab file. (CVE-2011-1089)\n\nA denial of service flaw was found in the remote procedure call (RPC)\nimplementation in glibc. A remote attacker able to open a large number\nof connections to an RPC service that is using the RPC implementation\nfrom glibc, could use this flaw to make that service use an excessive\namount of CPU time. (CVE-2011-4609)\n\nRed Hat would like to thank the Ubuntu Security Team for reporting\nCVE-2010-0830, and Dan Rosenberg for reporting CVE-2011-1089. The\nUbuntu Security Team acknowledges Dan Rosenberg as the original\nreporter of CVE-2010-0830.\n\nUsers should upgrade to these updated packages, which resolve these\nissues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2009-5029.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2009-5064.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2010-0830.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2011-1089.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2011-4609.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://rhn.redhat.com/errata/RHSA-2012-0126.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:ND\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glibc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glibc-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glibc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glibc-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glibc-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nscd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/02/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/02/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2012:0126\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", reference:\"glibc-2.5-65.el5_7.3\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"glibc-common-2.5-65.el5_7.3\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"glibc-common-2.5-65.el5_7.3\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"glibc-common-2.5-65.el5_7.3\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"glibc-devel-2.5-65.el5_7.3\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"glibc-headers-2.5-65.el5_7.3\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"glibc-headers-2.5-65.el5_7.3\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"glibc-headers-2.5-65.el5_7.3\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"glibc-utils-2.5-65.el5_7.3\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"glibc-utils-2.5-65.el5_7.3\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"glibc-utils-2.5-65.el5_7.3\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"nscd-2.5-65.el5_7.3\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"nscd-2.5-65.el5_7.3\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"nscd-2.5-65.el5_7.3\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"glibc / glibc-common / glibc-devel / glibc-headers / glibc-utils / etc\");\n }\n}\n", "hashmap": [{"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "ae0665ae2f88d638e0907d932dfcc493", "key": "cpe"}, {"hash": "6f8115c44826ba13de903bb0d26a7d5b", "key": "cvelist"}, {"hash": "e8bafdc9ad5c6f47fe1e6e5fd509b7a9", "key": "cvss"}, {"hash": "7962711bd7650e97eb287d800fd6fd3a", "key": "description"}, {"hash": "c4f16ed276157b63b39f28c10395355d", "key": "href"}, {"hash": "eaa4ed87336e2e51d149ce6e262dadbe", "key": "modified"}, {"hash": "b46559ea68ec9a13474c3a7776817cfd", "key": "naslFamily"}, {"hash": "3b4231700df65bd1e280187eabbb0395", "key": "pluginID"}, {"hash": "7c885de43ac8c8fec677c5a50f1ca9e9", "key": "published"}, {"hash": "5a5a54611766f3da3ce3cb528f3027a4", "key": "references"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "981bbd9e32ffd82a8b6a813b152e8432", "key": "sourceData"}, {"hash": "2c579aa4e476f52de92baf9b41b1db07", "key": "title"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}], "objectVersion": "1.3"}
{"result": {"cve": [{"id": "CVE-2011-4609", "type": "cve", "title": "CVE-2011-4609", "description": "The svc_run function in the RPC implementation in glibc before 2.15 allows remote attackers to cause a denial of service (CPU consumption) via a large number of RPC connections.", "published": "2013-05-02T10:55:01", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4609", "cvelist": ["CVE-2011-4609"], "lastseen": "2016-09-03T15:55:25"}, {"id": "CVE-2010-0830", "type": "cve", "title": "CVE-2010-0830", "description": "Integer signedness error in the elf_get_dynamic_info function in elf/dynamic-link.h in ld.so in the GNU C Library (aka glibc or libc6) 2.0.1 through 2.11.1, when the --verify option is used, allows user-assisted remote attackers to execute arbitrary code via a crafted ELF program with a negative value for a certain d_tag structure member in the ELF header.", "published": "2010-06-01T16:30:02", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0830", "cvelist": ["CVE-2010-0830"], "lastseen": "2017-08-17T11:14:44"}, {"id": "CVE-2009-5029", "type": "cve", "title": "CVE-2009-5029", "description": "Integer overflow in the __tzfile_read function in glibc before 2.15 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted timezone (TZ) file, as demonstrated using vsftpd.", "published": "2013-05-02T10:55:01", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-5029", "cvelist": ["CVE-2009-5029"], "lastseen": "2016-09-03T13:21:03"}, {"id": "CVE-2011-1089", "type": "cve", "title": "CVE-2011-1089", "description": "The addmntent function in the GNU C Library (aka glibc or libc6) 2.13 and earlier does not report an error status for failed attempts to write to the /etc/mtab file, which makes it easier for local users to trigger corruption of this file, as demonstrated by writes from a process with a small RLIMIT_FSIZE value, a different vulnerability than CVE-2010-0296.", "published": "2011-04-09T22:55:01", "cvss": {"score": 3.3, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1089", "cvelist": ["CVE-2011-1089"], "lastseen": "2017-04-18T15:52:56"}, {"id": "CVE-2009-5064", "type": "cve", "title": "CVE-2009-5064", "description": "** DISPUTED ** ldd in the GNU C Library (aka glibc or libc6) 2.13 and earlier allows local users to gain privileges via a Trojan horse executable file linked with a modified loader that omits certain LD_TRACE_LOADED_OBJECTS checks. NOTE: the GNU C Library vendor states \"This is just nonsense. There are a gazillion other ways to introduce code if people are downloading arbitrary binaries and install them in appropriate directories or set LD_LIBRARY_PATH etc.\"", "published": "2011-03-30T18:55:01", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-5064", "cvelist": ["CVE-2009-5064"], "lastseen": "2016-09-03T13:21:30"}], "openvas": [{"id": "OPENVAS:1361412562310120203", "type": "openvas", "title": "Amazon Linux Local Check: ALAS-2012-39", "description": "Amazon Linux Local Security Checks", "published": "2015-09-08T00:00:00", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120203", "cvelist": ["CVE-2011-4609", "CVE-2009-5029"], "lastseen": "2017-07-24T12:51:07"}, {"id": "OPENVAS:1361412562310881117", "type": "openvas", "title": "CentOS Update for glibc CESA-2012:0058 centos6 ", "description": "Check for the Version of glibc", "published": "2012-07-30T00:00:00", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881117", "cvelist": ["CVE-2011-4609", "CVE-2009-5029"], "lastseen": "2018-04-06T11:17:20"}, {"id": "OPENVAS:1361412562310870722", "type": "openvas", "title": "RedHat Update for glibc RHSA-2012:0058-01", "description": "Check for the Version of glibc", "published": "2012-07-09T00:00:00", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870722", "cvelist": ["CVE-2011-4609", "CVE-2009-5029"], "lastseen": "2018-04-06T11:18:34"}, {"id": "OPENVAS:881117", "type": "openvas", "title": "CentOS Update for glibc CESA-2012:0058 centos6 ", "description": "Check for the Version of glibc", "published": "2012-07-30T00:00:00", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=881117", "cvelist": ["CVE-2011-4609", "CVE-2009-5029"], "lastseen": "2018-01-11T11:06:24"}, {"id": "OPENVAS:870722", "type": "openvas", "title": "RedHat Update for glibc RHSA-2012:0058-01", "description": "Check for the Version of glibc", "published": "2012-07-09T00:00:00", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=870722", "cvelist": ["CVE-2011-4609", "CVE-2009-5029"], "lastseen": "2018-01-02T10:57:25"}, {"id": "OPENVAS:1361412562310122007", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2012-0058", "description": "Oracle Linux Local Security Checks ELSA-2012-0058", "published": "2015-10-06T00:00:00", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122007", "cvelist": ["CVE-2011-4609", "CVE-2009-5029"], "lastseen": "2017-07-24T12:52:38"}, {"id": "OPENVAS:870556", "type": "openvas", "title": "RedHat Update for glibc RHSA-2012:0126-01", "description": "Check for the Version of glibc", "published": "2012-02-21T00:00:00", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=870556", "cvelist": ["CVE-2011-4609", "CVE-2010-0830", "CVE-2009-5029", "CVE-2011-1089", "CVE-2009-5064"], "lastseen": "2018-01-03T10:57:03"}, {"id": "OPENVAS:1361412562310881084", "type": "openvas", "title": "CentOS Update for glibc CESA-2012:0126 centos5 ", "description": "Check for the Version of glibc", "published": "2012-07-30T00:00:00", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881084", "cvelist": ["CVE-2011-4609", "CVE-2010-0830", "CVE-2009-5029", "CVE-2011-1089", "CVE-2009-5064"], "lastseen": "2018-04-06T11:17:10"}, {"id": "OPENVAS:1361412562310123990", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2012-0126", "description": "Oracle Linux Local Security Checks ELSA-2012-0126", "published": "2015-10-06T00:00:00", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123990", "cvelist": ["CVE-2011-4609", "CVE-2010-0830", "CVE-2009-5029", "CVE-2011-1089", "CVE-2009-5064"], "lastseen": "2017-07-24T12:52:21"}, {"id": "OPENVAS:881084", "type": "openvas", "title": "CentOS Update for glibc CESA-2012:0126 centos5 ", "description": "Check for the Version of glibc", "published": "2012-07-30T00:00:00", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=881084", "cvelist": ["CVE-2011-4609", "CVE-2010-0830", "CVE-2009-5029", "CVE-2011-1089", "CVE-2009-5064"], "lastseen": "2018-01-06T13:06:39"}], "redhat": [{"id": "RHSA-2012:0058", "type": "redhat", "title": "(RHSA-2012:0058) Moderate: glibc security and bug fix update", "description": "The glibc packages contain the standard C libraries used by multiple\nprograms on the system. These packages contain the standard C and the\nstandard math libraries. Without these two libraries, a Linux system cannot\nfunction properly.\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was\nfound in the way the glibc library read timezone files. If a\ncarefully-crafted timezone file was loaded by an application linked against\nglibc, it could cause the application to crash or, potentially, execute\narbitrary code with the privileges of the user running the application.\n(CVE-2009-5029)\n\nA denial of service flaw was found in the remote procedure call (RPC)\nimplementation in glibc. A remote attacker able to open a large number of\nconnections to an RPC service that is using the RPC implementation from\nglibc, could use this flaw to make that service use an excessive amount of\nCPU time. (CVE-2011-4609)\n\nThis update also fixes the following bugs:\n\n* glibc had incorrect information for numeric separators and groupings for\nspecific French, Spanish, and German locales. Therefore, applications\nutilizing glibc's locale support printed numbers with the wrong separators\nand groupings when those locales were in use. With this update, the\nseparator and grouping information has been fixed. (BZ#754116)\n\n* The RHBA-2011:1179 glibc update introduced a regression, causing glibc to\nincorrectly parse groups with more than 126 members, resulting in\napplications such as \"id\" failing to list all the groups a particular user\nwas a member of. With this update, group parsing has been fixed.\n(BZ#766484)\n\n* glibc incorrectly allocated too much memory due to a race condition\nwithin its own malloc routines. This could cause a multi-threaded\napplication to allocate more memory than was expected. With this update,\nthe race condition has been fixed, and malloc's behavior is now consistent\nwith the documentation regarding the MALLOC_ARENA_TEST and MALLOC_ARENA_MAX\nenvironment variables. (BZ#769594)\n\nUsers should upgrade to these updated packages, which contain backported\npatches to resolve these issues.\n", "published": "2012-01-24T05:00:00", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://access.redhat.com/errata/RHSA-2012:0058", "cvelist": ["CVE-2009-5029", "CVE-2011-4609"], "lastseen": "2017-12-25T20:05:29"}, {"id": "RHSA-2012:0126", "type": "redhat", "title": "(RHSA-2012:0126) Moderate: glibc security update", "description": "The glibc packages contain the standard C libraries used by multiple\nprograms on the system. These packages contain the standard C and the\nstandard math libraries. Without these two libraries, a Linux system cannot\nfunction properly.\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was\nfound in the way the glibc library read timezone files. If a\ncarefully-crafted timezone file was loaded by an application linked against\nglibc, it could cause the application to crash or, potentially, execute\narbitrary code with the privileges of the user running the application.\n(CVE-2009-5029)\n\nA flaw was found in the way the ldd utility identified dynamically linked\nlibraries. If an attacker could trick a user into running ldd on a\nmalicious binary, it could result in arbitrary code execution with the\nprivileges of the user running ldd. (CVE-2009-5064)\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was\nfound in the way the glibc library loaded ELF (Executable and Linking\nFormat) files. If a carefully-crafted ELF file was loaded by an\napplication linked against glibc, it could cause the application to crash\nor, potentially, execute arbitrary code with the privileges of the user\nrunning the application. (CVE-2010-0830)\n\nIt was found that the glibc addmntent() function, used by various mount\nhelper utilities, did not handle certain errors correctly when updating the\nmtab (mounted file systems table) file. If such utilities had the setuid\nbit set, a local attacker could use this flaw to corrupt the mtab file.\n(CVE-2011-1089)\n\nA denial of service flaw was found in the remote procedure call (RPC)\nimplementation in glibc. A remote attacker able to open a large number of\nconnections to an RPC service that is using the RPC implementation from\nglibc, could use this flaw to make that service use an excessive amount of\nCPU time. (CVE-2011-4609)\n\nRed Hat would like to thank the Ubuntu Security Team for reporting\nCVE-2010-0830, and Dan Rosenberg for reporting CVE-2011-1089. The Ubuntu\nSecurity Team acknowledges Dan Rosenberg as the original reporter of\nCVE-2010-0830.\n\nUsers should upgrade to these updated packages, which resolve these issues.\n", "published": "2012-02-13T05:00:00", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://access.redhat.com/errata/RHSA-2012:0126", "cvelist": ["CVE-2009-5029", "CVE-2009-5064", "CVE-2010-0830", "CVE-2011-1089", "CVE-2011-4609"], "lastseen": "2017-09-09T07:20:00"}, {"id": "RHSA-2012:0125", "type": "redhat", "title": "(RHSA-2012:0125) Moderate: glibc security and bug fix update", "description": "The glibc packages contain the standard C libraries used by multiple\nprograms on the system. These packages contain the standard C and the\nstandard math libraries. Without these two libraries, a Linux system cannot\nfunction properly.\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was\nfound in the way the glibc library read timezone files. If a\ncarefully-crafted timezone file was loaded by an application linked against\nglibc, it could cause the application to crash or, potentially, execute\narbitrary code with the privileges of the user running the application.\n(CVE-2009-5029)\n\nA flaw was found in the way the ldd utility identified dynamically linked\nlibraries. If an attacker could trick a user into running ldd on a\nmalicious binary, it could result in arbitrary code execution with the\nprivileges of the user running ldd. (CVE-2009-5064)\n\nIt was discovered that the glibc addmntent() function, used by various\nmount helper utilities, did not sanitize its input properly. A local\nattacker could possibly use this flaw to inject malformed lines into the\nmtab (mounted file systems table) file via certain setuid mount helpers, if\nthe attacker were allowed to mount to an arbitrary directory under their\ncontrol. (CVE-2010-0296)\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was\nfound in the way the glibc library loaded ELF (Executable and Linking\nFormat) files. If a carefully-crafted ELF file was loaded by an\napplication linked against glibc, it could cause the application to crash\nor, potentially, execute arbitrary code with the privileges of the user\nrunning the application. (CVE-2010-0830)\n\nIt was discovered that the glibc fnmatch() function did not properly\nrestrict the use of alloca(). If the function was called on sufficiently\nlarge inputs, it could cause an application using fnmatch() to crash or,\npossibly, execute arbitrary code with the privileges of the application.\n(CVE-2011-1071)\n\nIt was found that the glibc addmntent() function, used by various mount\nhelper utilities, did not handle certain errors correctly when updating the\nmtab (mounted file systems table) file. If such utilities had the setuid\nbit set, a local attacker could use this flaw to corrupt the mtab file.\n(CVE-2011-1089)\n\nIt was discovered that the locale command did not produce properly escaped\noutput as required by the POSIX specification. If an attacker were able to\nset the locale environment variables in the environment of a script that\nperformed shell evaluation on the output of the locale command, and that\nscript were run with different privileges than the attacker's, it could\nexecute arbitrary code with the privileges of the script. (CVE-2011-1095)\n\nAn integer overflow flaw was found in the glibc fnmatch() function. If an\nattacker supplied a long UTF-8 string to an application linked against\nglibc, it could cause the application to crash. (CVE-2011-1659)\n\nA denial of service flaw was found in the remote procedure call (RPC)\nimplementation in glibc. A remote attacker able to open a large number of\nconnections to an RPC service that is using the RPC implementation from\nglibc, could use this flaw to make that service use an excessive amount of\nCPU time. (CVE-2011-4609)\n\nRed Hat would like to thank the Ubuntu Security Team for reporting\nCVE-2010-0830, and Dan Rosenberg for reporting CVE-2011-1089. The Ubuntu\nSecurity Team acknowledges Dan Rosenberg as the original reporter of\nCVE-2010-0830.\n\nThis update also fixes the following bug:\n\n* When using an nscd package that is a different version than the glibc\npackage, the nscd service could fail to start. This update makes the nscd\npackage require a specific glibc version to prevent this problem.\n(BZ#657009)\n\nUsers should upgrade to these updated packages, which resolve these issues.\n", "published": "2012-02-13T05:00:00", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://access.redhat.com/errata/RHSA-2012:0125", "cvelist": ["CVE-2009-5029", "CVE-2009-5064", "CVE-2010-0296", "CVE-2010-0830", "CVE-2011-1071", "CVE-2011-1089", "CVE-2011-1095", "CVE-2011-1659", "CVE-2011-4609"], "lastseen": "2017-09-09T07:19:42"}, {"id": "RHSA-2012:0109", "type": "redhat", "title": "(RHSA-2012:0109) Important: rhev-hypervisor6 security and bug fix update", "description": "The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization\nHypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor\nis a dedicated Kernel-based Virtual Machine (KVM) hypervisor. It includes\neverything necessary to run and manage virtual machines: A subset of the\nRed Hat Enterprise Linux operating environment and the Red Hat Enterprise\nVirtualization Agent.\n\nNote: Red Hat Enterprise Virtualization Hypervisor is only available for\nthe Intel 64 and AMD64 architectures with virtualization extensions.\n\nA heap overflow flaw was found in the way QEMU-KVM emulated the e1000\nnetwork interface card. A privileged guest user in a virtual machine whose\nnetwork interface is configured to use the e1000 emulated driver could use\nthis flaw to crash the host or, possibly, escalate their privileges on the\nhost. (CVE-2012-0029)\n\nAn information leak flaw was found in the SSL 3.0 protocol implementation\nin OpenSSL. Incorrect initialization of SSL record padding bytes could\ncause an SSL client or server to send a limited amount of possibly\nsensitive data to its SSL peer via the encrypted connection.\n(CVE-2011-4576)\n\nA denial of service flaw was found in the RFC 3779 implementation in\nOpenSSL. A remote attacker could use this flaw to make an application using\nOpenSSL exit unexpectedly by providing a specially-crafted X.509\ncertificate that has malformed RFC 3779 extension data. (CVE-2011-4577)\n\nIt was discovered that OpenSSL did not limit the number of TLS/SSL\nhandshake restarts required to support Server Gated Cryptography. A remote\nattacker could use this flaw to make a TLS/SSL server using OpenSSL consume\nan excessive amount of CPU by continuously restarting the handshake.\n(CVE-2011-4619)\n\nRed Hat would like to thank Nicolae Mogoreanu for reporting CVE-2012-0029.\n\nThis updated package provides updated components that include fixes for\nvarious security issues. These issues have no security impact on Red Hat\nEnterprise Virtualization Hypervisor itself, however. The security fixes\nincluded in this update address the following CVE numbers:\n\nCVE-2009-5029 and CVE-2011-4609 (glibc issues)\n\nCVE-2012-0056 (kernel issue)\n\nCVE-2011-4108 and CVE-2012-0050 (openssl issues)\n\nThis update also fixes the following bugs:\n\n* Previously, it was possible to begin a Hypervisor installation without\nany valid disks to install to.\n\nNow, if no valid disks are found for Hypervisor installation, a message is\ndisplayed informing the user that there are no valid disks for\ninstallation. (BZ#781471)\n\n* Previously, the user interface for the Hypervisor did not indicate\nwhether the system was registered with Red Hat Network (RHN) Classic or RHN\nSatellite. As a result, customers could not easily determine the\nregistration status of their Hypervisor installations.\n\nThe TUI has been updated to display the registration status of the\nHypervisor. (BZ#788223)\n\n* Previously, autoinstall would fail if the firstboot or reinstall options\nwere passed but local_boot or upgrade were not passed. Now, neither the\nlocal_boot or upgrade parameters are required for autoinstall. (BZ#788225)\n\nUsers of the Red Hat Enterprise Virtualization Hypervisor are advised to\nupgrade to this updated package, which fixes these issues.\n", "published": "2012-02-15T05:00:00", "cvss": {"score": 7.4, "vector": "AV:ADJACENT_NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://access.redhat.com/errata/RHSA-2012:0109", "cvelist": ["CVE-2012-0056", "CVE-2011-4108", "CVE-2011-4609", "CVE-2011-4576", "CVE-2012-0029", "CVE-2011-4577", "CVE-2011-4619", "CVE-2012-0050", "CVE-2009-5029"], "lastseen": "2017-03-10T07:18:37"}, {"id": "RHSA-2012:0168", "type": "redhat", "title": "(RHSA-2012:0168) Important: rhev-hypervisor5 security and bug fix update", "description": "The rhev-hypervisor5 package provides a Red Hat Enterprise Virtualization\nHypervisor ISO disk image. The Red Hat Enterprise Virtualization\nHypervisor is a dedicated Kernel-based Virtual Machine (KVM) hypervisor.\nIt includes everything necessary to run and manage virtual machines: A\nsubset of the Red Hat Enterprise Linux operating environment and the Red\nHat Enterprise Virtualization Agent.\n\nNote: Red Hat Enterprise Virtualization Hypervisor is only available for\nthe Intel 64 and AMD64 architectures with virtualization extensions.\n\nA heap overflow flaw was found in the way QEMU-KVM emulated the e1000\nnetwork interface card. A privileged guest user in a virtual machine whose\nnetwork interface is configured to use the e1000 emulated driver could use\nthis flaw to crash the host or, possibly, escalate their privileges on the\nhost. (CVE-2012-0029)\n\nA divide-by-zero flaw was found in the Linux kernel's igmp_heard_query()\nfunction. An attacker able to send certain IGMP (Internet Group Management\nProtocol) packets to a target system could use this flaw to cause a denial\nof service. (CVE-2012-0207)\n\nA double free flaw was discovered in the policy checking code in OpenSSL.\nA remote attacker could use this flaw to crash an application that uses\nOpenSSL by providing an X.509 certificate that has specially-crafted\npolicy extension data. (CVE-2011-4109)\n\nAn information leak flaw was found in the SSL 3.0 protocol implementation\nin OpenSSL. Incorrect initialization of SSL record padding bytes could\ncause an SSL client or server to send a limited amount of possibly\nsensitive data to its SSL peer via the encrypted connection.\n(CVE-2011-4576)\n\nIt was discovered that OpenSSL did not limit the number of TLS/SSL\nhandshake restarts required to support Server Gated Cryptography. A remote\nattacker could use this flaw to make a TLS/SSL server using OpenSSL consume\nan excessive amount of CPU by continuously restarting the handshake.\n(CVE-2011-4619)\n\nRed Hat would like to thank Nicolae Mogoreanu for reporting CVE-2012-0029,\nand Simon McVittie for reporting CVE-2012-0207.\n\nThis updated package provides updated components that include fixes for\nvarious security issues. These issues have no security impact on Red Hat\nEnterprise Virtualization Hypervisor itself, however. The security fixes\nincluded in this update address the following CVE numbers:\n\nCVE-2006-1168 and CVE-2011-2716 (busybox issues)\n\nCVE-2009-5029, CVE-2009-5064, CVE-2010-0830 and CVE-2011-1089 (glibc\nissues)\n\nCVE-2011-1083, CVE-2011-3638, CVE-2011-4086, CVE-2011-4127 and\nCVE-2012-0028 (kernel issues)\n\nCVE-2011-1526 (krb5 issue)\n\nCVE-2011-4347 (kvm issue)\n\nCVE-2010-4008, CVE-2011-0216, CVE-2011-2834, CVE-2011-3905, CVE-2011-3919\nand CVE-2011-1944 (libxml2 issues)\n\nCVE-2011-1749 (nfs-utils issue)\n\nCVE-2011-4108 (openssl issue)\n\nCVE-2011-0010 (sudo issue)\n\nCVE-2011-1675 and CVE-2011-1677 (util-linux issues)\n\nCVE-2010-0424 (vixie-cron issue)\n\nThis updated rhev-hypervisor5 package fixes various bugs. Documentation of\nthese changes will be available shortly in the Technical Notes document:\n\nhttps://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Virtualization_for_Servers/2.2/html/Technical_Notes/index.html\n\nUsers of Red Hat Enterprise Virtualization Hypervisor are advised to\nupgrade to this updated package, which fixes these issues.\n", "published": "2012-02-21T05:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://access.redhat.com/errata/RHSA-2012:0168", "cvelist": ["CVE-2006-1168", "CVE-2009-5029", "CVE-2009-5064", "CVE-2010-0424", "CVE-2010-0830", "CVE-2010-4008", "CVE-2011-0010", "CVE-2011-0216", "CVE-2011-1083", "CVE-2011-1089", "CVE-2011-1526", "CVE-2011-1675", "CVE-2011-1677", "CVE-2011-1749", "CVE-2011-1944", "CVE-2011-2716", "CVE-2011-2834", "CVE-2011-3638", "CVE-2011-3905", "CVE-2011-3919", "CVE-2011-4086", "CVE-2011-4108", "CVE-2011-4109", "CVE-2011-4127", "CVE-2011-4347", "CVE-2011-4576", "CVE-2011-4619", "CVE-2012-0028", "CVE-2012-0029", "CVE-2012-0207"], "lastseen": "2018-05-06T19:01:05"}, {"id": "RHSA-2011:1526", "type": "redhat", "title": "(RHSA-2011:1526) Low: glibc security, bug fix, and enhancement update", "description": "The glibc packages contain the standard C libraries used by multiple\nprograms on the system. These packages contain the standard C and the\nstandard math libraries. Without these two libraries, a Linux system\ncannot function properly.\n\nA flaw was found in the way the ldd utility identified dynamically linked\nlibraries. If an attacker could trick a user into running ldd on a\nmalicious binary, it could result in arbitrary code execution with the\nprivileges of the user running ldd. (CVE-2009-5064)\n\nIt was found that the glibc addmntent() function, used by various mount\nhelper utilities, did not handle certain errors correctly when updating the\nmtab (mounted file systems table) file. If such utilities had the setuid\nbit set, a local attacker could use this flaw to corrupt the mtab file.\n(CVE-2011-1089)\n\nRed Hat would like to thank Dan Rosenberg for reporting the CVE-2011-1089\nissue.\n\nThis update also fixes several bugs and adds various enhancements.\nDocumentation for these bug fixes and enhancements will be available\nshortly from the Technical Notes document, linked to in the References\nsection.\n\nUsers are advised to upgrade to these updated glibc packages, which contain\nbackported patches to resolve these issues and add these enhancements.\n", "published": "2011-12-06T05:00:00", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://access.redhat.com/errata/RHSA-2011:1526", "cvelist": ["CVE-2009-5064", "CVE-2011-1089"], "lastseen": "2017-12-25T20:04:57"}], "nessus": [{"id": "REDHAT-RHSA-2012-0058.NASL", "type": "nessus", "title": "RHEL 6 : glibc (RHSA-2012:0058)", "description": "Updated glibc packages that fix two security issues and three bugs are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe glibc packages contain the standard C libraries used by multiple programs on the system. These packages contain the standard C and the standard math libraries. Without these two libraries, a Linux system cannot function properly.\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was found in the way the glibc library read timezone files. If a carefully-crafted timezone file was loaded by an application linked against glibc, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2009-5029)\n\nA denial of service flaw was found in the remote procedure call (RPC) implementation in glibc. A remote attacker able to open a large number of connections to an RPC service that is using the RPC implementation from glibc, could use this flaw to make that service use an excessive amount of CPU time. (CVE-2011-4609)\n\nThis update also fixes the following bugs :\n\n* glibc had incorrect information for numeric separators and groupings for specific French, Spanish, and German locales. Therefore, applications utilizing glibc's locale support printed numbers with the wrong separators and groupings when those locales were in use. With this update, the separator and grouping information has been fixed.\n(BZ#754116)\n\n* The RHBA-2011:1179 glibc update introduced a regression, causing glibc to incorrectly parse groups with more than 126 members, resulting in applications such as 'id' failing to list all the groups a particular user was a member of. With this update, group parsing has been fixed. (BZ#766484)\n\n* glibc incorrectly allocated too much memory due to a race condition within its own malloc routines. This could cause a multi-threaded application to allocate more memory than was expected. With this update, the race condition has been fixed, and malloc's behavior is now consistent with the documentation regarding the MALLOC_ARENA_TEST and MALLOC_ARENA_MAX environment variables. (BZ#769594)\n\nUsers should upgrade to these updated packages, which contain backported patches to resolve these issues.", "published": "2012-01-25T00:00:00", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=57676", "cvelist": ["CVE-2011-4609", "CVE-2009-5029"], "lastseen": "2017-10-29T13:33:17"}, {"id": "ALA_ALAS-2012-39.NASL", "type": "nessus", "title": "Amazon Linux AMI : glibc (ALAS-2012-39)", "description": "An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way the glibc library read timezone files. If a carefully-crafted timezone file was loaded by an application linked against glibc, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2009-5029)\n\nA denial of service flaw was found in the remote procedure call (RPC) implementation in glibc. A remote attacker able to open a large number of connections to an RPC service that is using the RPC implementation from glibc, could use this flaw to make that service use an excessive amount of CPU time. (CVE-2011-4609)", "published": "2013-09-04T00:00:00", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=69646", "cvelist": ["CVE-2011-4609", "CVE-2009-5029"], "lastseen": "2018-04-19T08:04:21"}, {"id": "ORACLELINUX_ELSA-2012-0058.NASL", "type": "nessus", "title": "Oracle Linux 6 : glibc (ELSA-2012-0058)", "description": "From Red Hat Security Advisory 2012:0058 :\n\nUpdated glibc packages that fix two security issues and three bugs are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe glibc packages contain the standard C libraries used by multiple programs on the system. These packages contain the standard C and the standard math libraries. Without these two libraries, a Linux system cannot function properly.\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was found in the way the glibc library read timezone files. If a carefully-crafted timezone file was loaded by an application linked against glibc, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2009-5029)\n\nA denial of service flaw was found in the remote procedure call (RPC) implementation in glibc. A remote attacker able to open a large number of connections to an RPC service that is using the RPC implementation from glibc, could use this flaw to make that service use an excessive amount of CPU time. (CVE-2011-4609)\n\nThis update also fixes the following bugs :\n\n* glibc had incorrect information for numeric separators and groupings for specific French, Spanish, and German locales. Therefore, applications utilizing glibc's locale support printed numbers with the wrong separators and groupings when those locales were in use. With this update, the separator and grouping information has been fixed.\n(BZ#754116)\n\n* The RHBA-2011:1179 glibc update introduced a regression, causing glibc to incorrectly parse groups with more than 126 members, resulting in applications such as 'id' failing to list all the groups a particular user was a member of. With this update, group parsing has been fixed. (BZ#766484)\n\n* glibc incorrectly allocated too much memory due to a race condition within its own malloc routines. This could cause a multi-threaded application to allocate more memory than was expected. With this update, the race condition has been fixed, and malloc's behavior is now consistent with the documentation regarding the MALLOC_ARENA_TEST and MALLOC_ARENA_MAX environment variables. (BZ#769594)\n\nUsers should upgrade to these updated packages, which contain backported patches to resolve these issues.", "published": "2013-07-12T00:00:00", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=68436", "cvelist": ["CVE-2011-4609", "CVE-2009-5029"], "lastseen": "2017-10-29T13:45:01"}, {"id": "SL_20120124_GLIBC_ON_SL6_X.NASL", "type": "nessus", "title": "Scientific Linux Security Update : glibc on SL6.x i386/x86_64", "description": "The glibc packages contain the standard C libraries used by multiple programs on the system. These packages contain the standard C and the standard math libraries. Without these two libraries, a Linux system cannot function properly.\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was found in the way the glibc library read timezone files. If a carefully-crafted timezone file was loaded by an application linked against glibc, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2009-5029)\n\nA denial of service flaw was found in the remote procedure call (RPC) implementation in glibc. A remote attacker able to open a large number of connections to an RPC service that is using the RPC implementation from glibc, could use this flaw to make that service use an excessive amount of CPU time. (CVE-2011-4609)\n\nThis update also fixes the following bugs :\n\n - glibc had incorrect information for numeric separators and groupings for specific French, Spanish, and German locales. Therefore, applications utilizing glibc's locale support printed numbers with the wrong separators and groupings when those locales were in use. With this update, the separator and grouping information has been fixed.\n\n - The 2.12-1.25.el6_1.3 glibc update introduced a regression, causing glibc to incorrectly parse groups with more than 126 members, resulting in applications such as 'id' failing to list all the groups a particular user was a member of. With this update, group parsing has been fixed.\n\n - glibc incorrectly allocated too much memory due to a race condition within its own malloc routines. This could cause a multi-threaded application to allocate more memory than was expected. With this update, the race condition has been fixed, and malloc's behavior is now consistent with the documentation regarding the MALLOC_ARENA_TEST and MALLOC_ARENA_MAX environment variables.\n\nUsers should upgrade to these updated packages, which contain backported patches to resolve these issues.", "published": "2012-08-01T00:00:00", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=61223", "cvelist": ["CVE-2011-4609", "CVE-2009-5029"], "lastseen": "2017-10-29T13:44:06"}, {"id": "CENTOS_RHSA-2012-0058.NASL", "type": "nessus", "title": "CentOS 6 : glibc (CESA-2012:0058)", "description": "Updated glibc packages that fix two security issues and three bugs are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe glibc packages contain the standard C libraries used by multiple programs on the system. These packages contain the standard C and the standard math libraries. Without these two libraries, a Linux system cannot function properly.\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was found in the way the glibc library read timezone files. If a carefully-crafted timezone file was loaded by an application linked against glibc, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2009-5029)\n\nA denial of service flaw was found in the remote procedure call (RPC) implementation in glibc. A remote attacker able to open a large number of connections to an RPC service that is using the RPC implementation from glibc, could use this flaw to make that service use an excessive amount of CPU time. (CVE-2011-4609)\n\nThis update also fixes the following bugs :\n\n* glibc had incorrect information for numeric separators and groupings for specific French, Spanish, and German locales. Therefore, applications utilizing glibc's locale support printed numbers with the wrong separators and groupings when those locales were in use. With this update, the separator and grouping information has been fixed.\n(BZ#754116)\n\n* The RHBA-2011:1179 glibc update introduced a regression, causing glibc to incorrectly parse groups with more than 126 members, resulting in applications such as 'id' failing to list all the groups a particular user was a member of. With this update, group parsing has been fixed. (BZ#766484)\n\n* glibc incorrectly allocated too much memory due to a race condition within its own malloc routines. This could cause a multi-threaded application to allocate more memory than was expected. With this update, the race condition has been fixed, and malloc's behavior is now consistent with the documentation regarding the MALLOC_ARENA_TEST and MALLOC_ARENA_MAX environment variables. (BZ#769594)\n\nUsers should upgrade to these updated packages, which contain backported patches to resolve these issues.", "published": "2012-01-31T00:00:00", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=57730", "cvelist": ["CVE-2011-4609", "CVE-2009-5029"], "lastseen": "2017-10-29T13:37:01"}, {"id": "ORACLELINUX_ELSA-2012-0126.NASL", "type": "nessus", "title": "Oracle Linux 5 : glibc (ELSA-2012-0126)", "description": "From Red Hat Security Advisory 2012:0126 :\n\nUpdated glibc packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe glibc packages contain the standard C libraries used by multiple programs on the system. These packages contain the standard C and the standard math libraries. Without these two libraries, a Linux system cannot function properly.\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was found in the way the glibc library read timezone files. If a carefully-crafted timezone file was loaded by an application linked against glibc, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2009-5029)\n\nA flaw was found in the way the ldd utility identified dynamically linked libraries. If an attacker could trick a user into running ldd on a malicious binary, it could result in arbitrary code execution with the privileges of the user running ldd. (CVE-2009-5064)\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was found in the way the glibc library loaded ELF (Executable and Linking Format) files. If a carefully-crafted ELF file was loaded by an application linked against glibc, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2010-0830)\n\nIt was found that the glibc addmntent() function, used by various mount helper utilities, did not handle certain errors correctly when updating the mtab (mounted file systems table) file. If such utilities had the setuid bit set, a local attacker could use this flaw to corrupt the mtab file. (CVE-2011-1089)\n\nA denial of service flaw was found in the remote procedure call (RPC) implementation in glibc. A remote attacker able to open a large number of connections to an RPC service that is using the RPC implementation from glibc, could use this flaw to make that service use an excessive amount of CPU time. (CVE-2011-4609)\n\nRed Hat would like to thank the Ubuntu Security Team for reporting CVE-2010-0830, and Dan Rosenberg for reporting CVE-2011-1089. The Ubuntu Security Team acknowledges Dan Rosenberg as the original reporter of CVE-2010-0830.\n\nUsers should upgrade to these updated packages, which resolve these issues.", "published": "2013-07-12T00:00:00", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=68456", "cvelist": ["CVE-2011-4609", "CVE-2010-0830", "CVE-2009-5029", "CVE-2011-1089", "CVE-2009-5064"], "lastseen": "2018-02-05T23:08:59"}, {"id": "SL_20120213_GLIBC_ON_SL5_X.NASL", "type": "nessus", "title": "Scientific Linux Security Update : glibc on SL5.x i386/x86_64", "description": "The glibc packages contain the standard C libraries used by multiple programs on the system. These packages contain the standard C and the standard math libraries. Without these two libraries, a Linux system cannot function properly.\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was found in the way the glibc library read timezone files. If a carefully-crafted timezone file was loaded by an application linked against glibc, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2009-5029)\n\nA flaw was found in the way the ldd utility identified dynamically linked libraries. If an attacker could trick a user into running ldd on a malicious binary, it could result in arbitrary code execution with the privileges of the user running ldd. (CVE-2009-5064)\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was found in the way the glibc library loaded ELF (Executable and Linking Format) files. If a carefully-crafted ELF file was loaded by an application linked against glibc, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2010-0830)\n\nIt was found that the glibc addmntent() function, used by various mount helper utilities, did not handle certain errors correctly when updating the mtab (mounted file systems table) file. If such utilities had the setuid bit set, a local attacker could use this flaw to corrupt the mtab file. (CVE-2011-1089)\n\nA denial of service flaw was found in the remote procedure call (RPC) implementation in glibc. A remote attacker able to open a large number of connections to an RPC service that is using the RPC implementation from glibc, could use this flaw to make that service use an excessive amount of CPU time. (CVE-2011-4609)\n\nUsers should upgrade to these updated packages, which resolve these issues.", "published": "2012-08-01T00:00:00", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=61244", "cvelist": ["CVE-2011-4609", "CVE-2010-0830", "CVE-2009-5029", "CVE-2011-1089", "CVE-2009-5064"], "lastseen": "2017-10-29T13:45:33"}, {"id": "CENTOS_RHSA-2012-0126.NASL", "type": "nessus", "title": "CentOS 5 : glibc (CESA-2012:0126)", "description": "Updated glibc packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe glibc packages contain the standard C libraries used by multiple programs on the system. These packages contain the standard C and the standard math libraries. Without these two libraries, a Linux system cannot function properly.\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was found in the way the glibc library read timezone files. If a carefully-crafted timezone file was loaded by an application linked against glibc, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2009-5029)\n\nA flaw was found in the way the ldd utility identified dynamically linked libraries. If an attacker could trick a user into running ldd on a malicious binary, it could result in arbitrary code execution with the privileges of the user running ldd. (CVE-2009-5064)\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was found in the way the glibc library loaded ELF (Executable and Linking Format) files. If a carefully-crafted ELF file was loaded by an application linked against glibc, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2010-0830)\n\nIt was found that the glibc addmntent() function, used by various mount helper utilities, did not handle certain errors correctly when updating the mtab (mounted file systems table) file. If such utilities had the setuid bit set, a local attacker could use this flaw to corrupt the mtab file. (CVE-2011-1089)\n\nA denial of service flaw was found in the remote procedure call (RPC) implementation in glibc. A remote attacker able to open a large number of connections to an RPC service that is using the RPC implementation from glibc, could use this flaw to make that service use an excessive amount of CPU time. (CVE-2011-4609)\n\nRed Hat would like to thank the Ubuntu Security Team for reporting CVE-2010-0830, and Dan Rosenberg for reporting CVE-2011-1089. The Ubuntu Security Team acknowledges Dan Rosenberg as the original reporter of CVE-2010-0830.\n\nUsers should upgrade to these updated packages, which resolve these issues.", "published": "2012-02-14T00:00:00", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=57924", "cvelist": ["CVE-2011-4609", "CVE-2010-0830", "CVE-2009-5029", "CVE-2011-1089", "CVE-2009-5064"], "lastseen": "2018-02-05T23:10:29"}, {"id": "ORACLELINUX_ELSA-2012-0125.NASL", "type": "nessus", "title": "Oracle Linux 4 : glibc (ELSA-2012-0125)", "description": "From Red Hat Security Advisory 2012:0125 :\n\nUpdated glibc packages that fix multiple security issues and one bug are now available for Red Hat Enterprise Linux 4.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe glibc packages contain the standard C libraries used by multiple programs on the system. These packages contain the standard C and the standard math libraries. Without these two libraries, a Linux system cannot function properly.\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was found in the way the glibc library read timezone files. If a carefully-crafted timezone file was loaded by an application linked against glibc, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2009-5029)\n\nA flaw was found in the way the ldd utility identified dynamically linked libraries. If an attacker could trick a user into running ldd on a malicious binary, it could result in arbitrary code execution with the privileges of the user running ldd. (CVE-2009-5064)\n\nIt was discovered that the glibc addmntent() function, used by various mount helper utilities, did not sanitize its input properly. A local attacker could possibly use this flaw to inject malformed lines into the mtab (mounted file systems table) file via certain setuid mount helpers, if the attacker were allowed to mount to an arbitrary directory under their control. (CVE-2010-0296)\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was found in the way the glibc library loaded ELF (Executable and Linking Format) files. If a carefully-crafted ELF file was loaded by an application linked against glibc, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2010-0830)\n\nIt was discovered that the glibc fnmatch() function did not properly restrict the use of alloca(). If the function was called on sufficiently large inputs, it could cause an application using fnmatch() to crash or, possibly, execute arbitrary code with the privileges of the application. (CVE-2011-1071)\n\nIt was found that the glibc addmntent() function, used by various mount helper utilities, did not handle certain errors correctly when updating the mtab (mounted file systems table) file. If such utilities had the setuid bit set, a local attacker could use this flaw to corrupt the mtab file. (CVE-2011-1089)\n\nIt was discovered that the locale command did not produce properly escaped output as required by the POSIX specification. If an attacker were able to set the locale environment variables in the environment of a script that performed shell evaluation on the output of the locale command, and that script were run with different privileges than the attacker's, it could execute arbitrary code with the privileges of the script. (CVE-2011-1095)\n\nAn integer overflow flaw was found in the glibc fnmatch() function. If an attacker supplied a long UTF-8 string to an application linked against glibc, it could cause the application to crash.\n(CVE-2011-1659)\n\nA denial of service flaw was found in the remote procedure call (RPC) implementation in glibc. A remote attacker able to open a large number of connections to an RPC service that is using the RPC implementation from glibc, could use this flaw to make that service use an excessive amount of CPU time. (CVE-2011-4609)\n\nRed Hat would like to thank the Ubuntu Security Team for reporting CVE-2010-0830, and Dan Rosenberg for reporting CVE-2011-1089. The Ubuntu Security Team acknowledges Dan Rosenberg as the original reporter of CVE-2010-0830.\n\nThis update also fixes the following bug :\n\n* When using an nscd package that is a different version than the glibc package, the nscd service could fail to start. This update makes the nscd package require a specific glibc version to prevent this problem. (BZ#657009)\n\nUsers should upgrade to these updated packages, which resolve these issues.", "published": "2013-07-12T00:00:00", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=68455", "cvelist": ["CVE-2011-4609", "CVE-2010-0296", "CVE-2011-1659", "CVE-2010-0830", "CVE-2011-1071", "CVE-2011-1095", "CVE-2009-5029", "CVE-2011-1089", "CVE-2009-5064"], "lastseen": "2017-10-29T13:41:15"}, {"id": "CENTOS_RHSA-2012-0125.NASL", "type": "nessus", "title": "CentOS 4 : glibc (CESA-2012:0125)", "description": "Updated glibc packages that fix multiple security issues and one bug are now available for Red Hat Enterprise Linux 4.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe glibc packages contain the standard C libraries used by multiple programs on the system. These packages contain the standard C and the standard math libraries. Without these two libraries, a Linux system cannot function properly.\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was found in the way the glibc library read timezone files. If a carefully-crafted timezone file was loaded by an application linked against glibc, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2009-5029)\n\nA flaw was found in the way the ldd utility identified dynamically linked libraries. If an attacker could trick a user into running ldd on a malicious binary, it could result in arbitrary code execution with the privileges of the user running ldd. (CVE-2009-5064)\n\nIt was discovered that the glibc addmntent() function, used by various mount helper utilities, did not sanitize its input properly. A local attacker could possibly use this flaw to inject malformed lines into the mtab (mounted file systems table) file via certain setuid mount helpers, if the attacker were allowed to mount to an arbitrary directory under their control. (CVE-2010-0296)\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was found in the way the glibc library loaded ELF (Executable and Linking Format) files. If a carefully-crafted ELF file was loaded by an application linked against glibc, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2010-0830)\n\nIt was discovered that the glibc fnmatch() function did not properly restrict the use of alloca(). If the function was called on sufficiently large inputs, it could cause an application using fnmatch() to crash or, possibly, execute arbitrary code with the privileges of the application. (CVE-2011-1071)\n\nIt was found that the glibc addmntent() function, used by various mount helper utilities, did not handle certain errors correctly when updating the mtab (mounted file systems table) file. If such utilities had the setuid bit set, a local attacker could use this flaw to corrupt the mtab file. (CVE-2011-1089)\n\nIt was discovered that the locale command did not produce properly escaped output as required by the POSIX specification. If an attacker were able to set the locale environment variables in the environment of a script that performed shell evaluation on the output of the locale command, and that script were run with different privileges than the attacker's, it could execute arbitrary code with the privileges of the script. (CVE-2011-1095)\n\nAn integer overflow flaw was found in the glibc fnmatch() function. If an attacker supplied a long UTF-8 string to an application linked against glibc, it could cause the application to crash.\n(CVE-2011-1659)\n\nA denial of service flaw was found in the remote procedure call (RPC) implementation in glibc. A remote attacker able to open a large number of connections to an RPC service that is using the RPC implementation from glibc, could use this flaw to make that service use an excessive amount of CPU time. (CVE-2011-4609)\n\nRed Hat would like to thank the Ubuntu Security Team for reporting CVE-2010-0830, and Dan Rosenberg for reporting CVE-2011-1089. The Ubuntu Security Team acknowledges Dan Rosenberg as the original reporter of CVE-2010-0830.\n\nThis update also fixes the following bug :\n\n* When using an nscd package that is a different version than the glibc package, the nscd service could fail to start. This update makes the nscd package require a specific glibc version to prevent this problem. (BZ#657009)\n\nUsers should upgrade to these updated packages, which resolve these issues.", "published": "2012-02-14T00:00:00", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=57923", "cvelist": ["CVE-2011-4609", "CVE-2010-0296", "CVE-2011-1659", "CVE-2010-0830", "CVE-2011-1071", "CVE-2011-1095", "CVE-2009-5029", "CVE-2011-1089", "CVE-2009-5064"], "lastseen": "2017-10-29T13:38:27"}], "oraclelinux": [{"id": "ELSA-2012-0058", "type": "oraclelinux", "title": "glibc security and bug fix update", "description": "[2.12-1.47.el6_2.5]\n- Avoid high cpu usage when accept fails with EMFILE (#767692)\n[2.12-1.47.el6_2.4]\n- Make implementation of ARENAS_TEST and ARENAS_MAX match\n documentation (#769594)\n- Check malloc arena atomically (#769594)\n[2.12-1.47.el6_2.3]\n- Check values from TZ file header (#767692)\n[2.12-1.47.el6_2.2]\n- Correctly reparse group line after enlarging the buffer\n (#766484)\n[2.12-1.47.el6_2.1]\n- Fix grouping and reuse other locales in various locales (#754116)", "published": "2012-01-24T00:00:00", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://linux.oracle.com/errata/ELSA-2012-0058.html", "cvelist": ["CVE-2011-4609", "CVE-2009-5029"], "lastseen": "2016-09-04T11:16:57"}, {"id": "ELSA-2012-0126", "type": "oraclelinux", "title": "glibc security update", "description": "[2.5-65.el5_7.3]\n- Use correct type when casting d_tag (#767687)\n- Report write error in addmnt even for cached streams (#767687)\n- ldd: Never run file directly (#767687).\n- Workaround misconfigured system (#767687)\n[2.5-65.el5_7.2]\n- Check values from TZ file header (#767687)", "published": "2012-02-13T00:00:00", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://linux.oracle.com/errata/ELSA-2012-0126.html", "cvelist": ["CVE-2011-4609", "CVE-2010-0830", "CVE-2009-5029", "CVE-2011-1089", "CVE-2009-5064"], "lastseen": "2016-09-04T11:16:43"}, {"id": "ELSA-2012-0125", "type": "oraclelinux", "title": "glibc security and bug fix update", "description": "[2.3.4-2.57]\n- Use malloc as needed in fnmatch (#769360)\n[2.3.4-2.56]\n- Fix handling if newline in addmntent (#769360)\n- Use correct type when casting d_tag (#769360).\n- Properly quite output of local (#769360)\n- Check size of pattern in wide character representation in fnmatch (#769360)\n- Report write error in addmnt even for cached streams (#769360)\n- ldd: Never run file directly (#769360).\n- Check values from TZ file header (#767685)\n- Workaround misconfigured system (#767685)\n[2.3.4-2.55]\n- Require exact glibc version in nscd (#657009)", "published": "2012-02-13T00:00:00", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://linux.oracle.com/errata/ELSA-2012-0125.html", "cvelist": ["CVE-2011-4609", "CVE-2010-0296", "CVE-2011-1659", "CVE-2010-0830", "CVE-2011-1071", "CVE-2011-1095", "CVE-2009-5029", "CVE-2011-1089", "CVE-2009-5064"], "lastseen": "2016-09-04T11:16:30"}, {"id": "ELSA-2011-1526", "type": "oraclelinux", "title": "glibc security, bug fix, and enhancement update", "description": "[2.12-1.47]\n- Don't start AVC thread until credentials are installed (#700507)\n[2.12-1.46]\n- Update systemtaparches\n[2.12-1.45]\n- Update configure script\n[2.12-1.44]\n- Add gdb hooks (#711927)\n[2.12-1.43]\n- Don't assume AT_PAGESIZE is always available (#739184)\n- Define IP_MULTICAST_ALL (#738763)\n[2.12-1.42]\n- Avoid race between {,__de}allocate_stack and __reclaim_stacks during\n fork (#738665)\n[2.12-1.41]\n- Locale-independent parsing in libintl (#737778)\n[2.12-1.40]\n- Change setgroups to affect all the threads in the process (#736346)\n[2.12-1.39]\n- Make sure AVC thread has capabilities (#700507)\n- Fix memory leak in dlopen with RTLD_NOLOAD (#699724)\n[2.12-1.38]\n- Build libresolv with stack protector (#730379)\n[2.12-1.37]\n- Maintain stack alignment when cancelling threads (#731042)\n[2.12-1.36]\n- Fix missing debuginfo (#729036)\n[2.12-1.35]\n- Report write error in addmnt even for cached streams (#688980,\n CVE-2011-1089)\n- Handle Lustre filesystem (#712248)\n[2.12-1.34]\n- Query NIS domain only when needed (#718057)\n- Update: Use mmap for allocation of buffers used for __abort_msg\n (#676591)\n[2.12-1.33]\n- Don't use gethostbyaddr to determine canonical name (#714823)\n[2.12-1.32]\n- ldd: never run file directly (#713134)\n[2.12-1.31]\n- Support Intel processor model 6 and model 0x2c (#695595)\n- Optimize memcpy for SSSE3 (#695812)\n- Optimize strlen for SSE2 (#695963)\n[2.12-1.30]\n- Support f_flags in Linux statfs implementation (#711987)\n[2.12-1.29]\n- Avoid overriding CFLAGS (#706903)\n[2.12-1.28]\n- Use mmap for allocation of buffers used for __abort_msg (#676591)\n[2.12-1.27]\n- Fix PLT use due to __libc_alloca_cutoff\n- Schedule nscd cache pruning more accurately from re-added values\n (#703481)\n- Fix POWER4 optimized strncmp to not read past differing bytes\n (#694386)\n[2.12-1.26]\n- Create debuginfo-common on biarch platforms (#676467)\n- Use Rupee sign in Indian locales (#692838)\n- Signal temporary host lookup errors in nscd as such to the requester\n (#703480)\n- Define initgroups callback for nss_files (#705465)", "published": "2011-12-14T00:00:00", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://linux.oracle.com/errata/ELSA-2011-1526.html", "cvelist": ["CVE-2011-1089", "CVE-2009-5064"], "lastseen": "2016-09-04T11:17:13"}], "centos": [{"id": "CESA-2012:0058", "type": "centos", "title": "glibc, nscd security update", "description": "**CentOS Errata and Security Advisory** CESA-2012:0058\n\n\nThe glibc packages contain the standard C libraries used by multiple\nprograms on the system. These packages contain the standard C and the\nstandard math libraries. Without these two libraries, a Linux system cannot\nfunction properly.\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was\nfound in the way the glibc library read timezone files. If a\ncarefully-crafted timezone file was loaded by an application linked against\nglibc, it could cause the application to crash or, potentially, execute\narbitrary code with the privileges of the user running the application.\n(CVE-2009-5029)\n\nA denial of service flaw was found in the remote procedure call (RPC)\nimplementation in glibc. A remote attacker able to open a large number of\nconnections to an RPC service that is using the RPC implementation from\nglibc, could use this flaw to make that service use an excessive amount of\nCPU time. (CVE-2011-4609)\n\nThis update also fixes the following bugs:\n\n* glibc had incorrect information for numeric separators and groupings for\nspecific French, Spanish, and German locales. Therefore, applications\nutilizing glibc's locale support printed numbers with the wrong separators\nand groupings when those locales were in use. With this update, the\nseparator and grouping information has been fixed. (BZ#754116)\n\n* The RHBA-2011:1179 glibc update introduced a regression, causing glibc to\nincorrectly parse groups with more than 126 members, resulting in\napplications such as \"id\" failing to list all the groups a particular user\nwas a member of. With this update, group parsing has been fixed.\n(BZ#766484)\n\n* glibc incorrectly allocated too much memory due to a race condition\nwithin its own malloc routines. This could cause a multi-threaded\napplication to allocate more memory than was expected. With this update,\nthe race condition has been fixed, and malloc's behavior is now consistent\nwith the documentation regarding the MALLOC_ARENA_TEST and MALLOC_ARENA_MAX\nenvironment variables. (BZ#769594)\n\nUsers should upgrade to these updated packages, which contain backported\npatches to resolve these issues.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2012-January/018397.html\n\n**Affected packages:**\nglibc\nglibc-common\nglibc-devel\nglibc-headers\nglibc-static\nglibc-utils\nnscd\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2012-0058.html", "published": "2012-01-30T15:26:30", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://lists.centos.org/pipermail/centos-announce/2012-January/018397.html", "cvelist": ["CVE-2011-4609", "CVE-2009-5029"], "lastseen": "2017-10-03T18:25:31"}, {"id": "CESA-2012:0126", "type": "centos", "title": "glibc, nscd security update", "description": "**CentOS Errata and Security Advisory** CESA-2012:0126\n\n\nThe glibc packages contain the standard C libraries used by multiple\nprograms on the system. These packages contain the standard C and the\nstandard math libraries. Without these two libraries, a Linux system cannot\nfunction properly.\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was\nfound in the way the glibc library read timezone files. If a\ncarefully-crafted timezone file was loaded by an application linked against\nglibc, it could cause the application to crash or, potentially, execute\narbitrary code with the privileges of the user running the application.\n(CVE-2009-5029)\n\nA flaw was found in the way the ldd utility identified dynamically linked\nlibraries. If an attacker could trick a user into running ldd on a\nmalicious binary, it could result in arbitrary code execution with the\nprivileges of the user running ldd. (CVE-2009-5064)\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was\nfound in the way the glibc library loaded ELF (Executable and Linking\nFormat) files. If a carefully-crafted ELF file was loaded by an\napplication linked against glibc, it could cause the application to crash\nor, potentially, execute arbitrary code with the privileges of the user\nrunning the application. (CVE-2010-0830)\n\nIt was found that the glibc addmntent() function, used by various mount\nhelper utilities, did not handle certain errors correctly when updating the\nmtab (mounted file systems table) file. If such utilities had the setuid\nbit set, a local attacker could use this flaw to corrupt the mtab file.\n(CVE-2011-1089)\n\nA denial of service flaw was found in the remote procedure call (RPC)\nimplementation in glibc. A remote attacker able to open a large number of\nconnections to an RPC service that is using the RPC implementation from\nglibc, could use this flaw to make that service use an excessive amount of\nCPU time. (CVE-2011-4609)\n\nRed Hat would like to thank the Ubuntu Security Team for reporting\nCVE-2010-0830, and Dan Rosenberg for reporting CVE-2011-1089. The Ubuntu\nSecurity Team acknowledges Dan Rosenberg as the original reporter of\nCVE-2010-0830.\n\nUsers should upgrade to these updated packages, which resolve these issues.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2012-February/018428.html\n\n**Affected packages:**\nglibc\nglibc-common\nglibc-devel\nglibc-headers\nglibc-utils\nnscd\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2012-0126.html", "published": "2012-02-13T22:06:54", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://lists.centos.org/pipermail/centos-announce/2012-February/018428.html", "cvelist": ["CVE-2011-4609", "CVE-2010-0830", "CVE-2009-5029", "CVE-2011-1089", "CVE-2009-5064"], "lastseen": "2017-10-03T18:26:11"}, {"id": "CESA-2012:0125", "type": "centos", "title": "glibc, nptl, nscd security update", "description": "**CentOS Errata and Security Advisory** CESA-2012:0125\n\n\nThe glibc packages contain the standard C libraries used by multiple\nprograms on the system. These packages contain the standard C and the\nstandard math libraries. Without these two libraries, a Linux system cannot\nfunction properly.\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was\nfound in the way the glibc library read timezone files. If a\ncarefully-crafted timezone file was loaded by an application linked against\nglibc, it could cause the application to crash or, potentially, execute\narbitrary code with the privileges of the user running the application.\n(CVE-2009-5029)\n\nA flaw was found in the way the ldd utility identified dynamically linked\nlibraries. If an attacker could trick a user into running ldd on a\nmalicious binary, it could result in arbitrary code execution with the\nprivileges of the user running ldd. (CVE-2009-5064)\n\nIt was discovered that the glibc addmntent() function, used by various\nmount helper utilities, did not sanitize its input properly. A local\nattacker could possibly use this flaw to inject malformed lines into the\nmtab (mounted file systems table) file via certain setuid mount helpers, if\nthe attacker were allowed to mount to an arbitrary directory under their\ncontrol. (CVE-2010-0296)\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was\nfound in the way the glibc library loaded ELF (Executable and Linking\nFormat) files. If a carefully-crafted ELF file was loaded by an\napplication linked against glibc, it could cause the application to crash\nor, potentially, execute arbitrary code with the privileges of the user\nrunning the application. (CVE-2010-0830)\n\nIt was discovered that the glibc fnmatch() function did not properly\nrestrict the use of alloca(). If the function was called on sufficiently\nlarge inputs, it could cause an application using fnmatch() to crash or,\npossibly, execute arbitrary code with the privileges of the application.\n(CVE-2011-1071)\n\nIt was found that the glibc addmntent() function, used by various mount\nhelper utilities, did not handle certain errors correctly when updating the\nmtab (mounted file systems table) file. If such utilities had the setuid\nbit set, a local attacker could use this flaw to corrupt the mtab file.\n(CVE-2011-1089)\n\nIt was discovered that the locale command did not produce properly escaped\noutput as required by the POSIX specification. If an attacker were able to\nset the locale environment variables in the environment of a script that\nperformed shell evaluation on the output of the locale command, and that\nscript were run with different privileges than the attacker's, it could\nexecute arbitrary code with the privileges of the script. (CVE-2011-1095)\n\nAn integer overflow flaw was found in the glibc fnmatch() function. If an\nattacker supplied a long UTF-8 string to an application linked against\nglibc, it could cause the application to crash. (CVE-2011-1659)\n\nA denial of service flaw was found in the remote procedure call (RPC)\nimplementation in glibc. A remote attacker able to open a large number of\nconnections to an RPC service that is using the RPC implementation from\nglibc, could use this flaw to make that service use an excessive amount of\nCPU time. (CVE-2011-4609)\n\nRed Hat would like to thank the Ubuntu Security Team for reporting\nCVE-2010-0830, and Dan Rosenberg for reporting CVE-2011-1089. The Ubuntu\nSecurity Team acknowledges Dan Rosenberg as the original reporter of\nCVE-2010-0830.\n\nThis update also fixes the following bug:\n\n* When using an nscd package that is a different version than the glibc\npackage, the nscd service could fail to start. This update makes the nscd\npackage require a specific glibc version to prevent this problem.\n(BZ#657009)\n\nUsers should upgrade to these updated packages, which resolve these issues.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2012-February/018427.html\n\n**Affected packages:**\nglibc\nglibc-common\nglibc-devel\nglibc-headers\nglibc-profile\nglibc-utils\nnptl-devel\nnscd\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2012-0125.html", "published": "2012-02-13T21:09:08", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://lists.centos.org/pipermail/centos-announce/2012-February/018427.html", "cvelist": ["CVE-2011-4609", "CVE-2010-0296", "CVE-2011-1659", "CVE-2010-0830", "CVE-2011-1071", "CVE-2011-1095", "CVE-2009-5029", "CVE-2011-1089", "CVE-2009-5064"], "lastseen": "2017-10-12T14:44:51"}], "amazon": [{"id": "ALAS-2012-39", "type": "amazon", "title": "Medium: glibc", "description": "**Issue Overview:**\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was found in the way the glibc library read timezone files. If a carefully-crafted timezone file was loaded by an application linked against glibc, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. ([CVE-2009-5029 __](<https://access.redhat.com/security/cve/CVE-2009-5029>))\n\nA denial of service flaw was found in the remote procedure call (RPC) implementation in glibc. A remote attacker able to open a large number of connections to an RPC service that is using the RPC implementation from glibc, could use this flaw to make that service use an excessive amount of CPU time. ([CVE-2011-4609 __](<https://access.redhat.com/security/cve/CVE-2011-4609>))\n\n \n**Affected Packages:** \n\n\nglibc\n\n \n**Issue Correction:** \nRun _yum update glibc_ to update your system. \n\n \n**New Packages:**\n \n \n i686: \n glibc-debuginfo-common-2.12-1.47.32.amzn1.i686 \n glibc-common-2.12-1.47.32.amzn1.i686 \n glibc-debuginfo-2.12-1.47.32.amzn1.i686 \n glibc-devel-2.12-1.47.32.amzn1.i686 \n glibc-2.12-1.47.32.amzn1.i686 \n glibc-utils-2.12-1.47.32.amzn1.i686 \n nscd-2.12-1.47.32.amzn1.i686 \n glibc-headers-2.12-1.47.32.amzn1.i686 \n glibc-static-2.12-1.47.32.amzn1.i686 \n \n src: \n glibc-2.12-1.47.32.amzn1.src \n \n x86_64: \n glibc-devel-2.12-1.47.32.amzn1.x86_64 \n glibc-static-2.12-1.47.32.amzn1.x86_64 \n glibc-debuginfo-common-2.12-1.47.32.amzn1.x86_64 \n glibc-utils-2.12-1.47.32.amzn1.x86_64 \n glibc-common-2.12-1.47.32.amzn1.x86_64 \n glibc-headers-2.12-1.47.32.amzn1.x86_64 \n glibc-2.12-1.47.32.amzn1.x86_64 \n glibc-debuginfo-2.12-1.47.32.amzn1.x86_64 \n nscd-2.12-1.47.32.amzn1.x86_64 \n \n \n", "published": "2012-02-02T14:26:00", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://alas.aws.amazon.com/ALAS-2012-39.html", "cvelist": ["CVE-2011-4609", "CVE-2009-5029"], "lastseen": "2016-09-28T21:04:12"}], "ubuntu": [{"id": "USN-1396-1", "type": "ubuntu", "title": "GNU C Library vulnerabilities", "description": "It was discovered that the GNU C Library did not properly handle integer overflows in the timezone handling code. An attacker could use this to possibly execute arbitrary code by convincing an application to load a maliciously constructed tzfile. (CVE-2009-5029)\n\nIt was discovered that the GNU C Library did not properly handle passwd.adjunct.byname map entries in the Network Information Service (NIS) code in the name service caching daemon (nscd). An attacker could use this to obtain the encrypted passwords of NIS accounts. This issue only affected Ubuntu 8.04 LTS. (CVE-2010-0015)\n\nChris Evans reported that the GNU C Library did not properly calculate the amount of memory to allocate in the fnmatch() code. An attacker could use this to cause a denial of service or possibly execute arbitrary code via a maliciously crafted UTF-8 string. This issue only affected Ubuntu 8.04 LTS, Ubuntu 10.04 LTS and Ubuntu 10.10. (CVE-2011-1071)\n\nTomas Hoger reported that an additional integer overflow was possible in the GNU C Library fnmatch() code. An attacker could use this to cause a denial of service via a maliciously crafted UTF-8 string. This issue only affected Ubuntu 8.04 LTS, Ubuntu 10.04 LTS, Ubuntu 10.10 and Ubuntu 11.04. (CVE-2011-1659)\n\nDan Rosenberg discovered that the addmntent() function in the GNU C Library did not report an error status for failed attempts to write to the /etc/mtab file. This could allow an attacker to corrupt /etc/mtab, possibly causing a denial of service or otherwise manipulate mount options. This issue only affected Ubuntu 8.04 LTS, Ubuntu 10.04 LTS, Ubuntu 10.10 and Ubuntu 11.04. (CVE-2011-1089)\n\nHarald van Dijk discovered that the locale program included with the GNU C library did not properly quote its output. This could allow a local attacker to possibly execute arbitrary code using a crafted localization string that was evaluated in a shell script. This issue only affected Ubuntu 8.04 LTS, Ubuntu 10.04 LTS and Ubuntu 10.10. (CVE-2011-1095)\n\nIt was discovered that the GNU C library loader expanded the $ORIGIN dynamic string token when RPATH is composed entirely of this token. This could allow an attacker to gain privilege via a setuid program that had this RPATH value. (CVE-2011-1658)\n\nIt was discovered that the GNU C library implementation of memcpy optimized for Supplemental Streaming SIMD Extensions 3 (SSSE3) contained a possible integer overflow. An attacker could use this to cause a denial of service or possibly execute arbitrary code. This issue only affected Ubuntu 10.04 LTS. (CVE-2011-2702)\n\nJohn Zimmerman discovered that the Remote Procedure Call (RPC) implementation in the GNU C Library did not properly handle large numbers of connections. This could allow a remote attacker to cause a denial of service. (CVE-2011-4609)\n\nIt was discovered that the GNU C Library vfprintf() implementation contained a possible integer overflow in the format string protection code offered by FORTIFY_SOURCE. An attacker could use this flaw in conjunction with a format string vulnerability to bypass the format string protection and possibly execute arbitrary code. (CVE-2012-0864)", "published": "2012-03-09T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://usn.ubuntu.com/1396-1/", "cvelist": ["CVE-2012-0864", "CVE-2010-0015", "CVE-2011-4609", "CVE-2011-1658", "CVE-2011-1659", "CVE-2011-1071", "CVE-2011-1095", "CVE-2009-5029", "CVE-2011-2702", "CVE-2011-1089"], "lastseen": "2018-03-29T18:19:28"}, {"id": "USN-944-1", "type": "ubuntu", "title": "GNU C Library vulnerabilities", "description": "Maksymilian Arciemowicz discovered that the GNU C library did not correctly handle integer overflows in the strfmon function. If a user or automated system were tricked into processing a specially crafted format string, a remote attacker could crash applications, leading to a denial of service. (Ubuntu 10.04 was not affected.) (CVE-2008-1391)\n\nJeff Layton and Dan Rosenberg discovered that the GNU C library did not correctly handle newlines in the mntent family of functions. If a local attacker were able to inject newlines into a mount entry through other vulnerable mount helpers, they could disrupt the system or possibly gain root privileges. (CVE-2010-0296)\n\nDan Rosenberg discovered that the GNU C library did not correctly validate certain ELF program headers. If a user or automated system were tricked into verifying a specially crafted ELF program, a remote attacker could execute arbitrary code with user privileges. (CVE-2010-0830)", "published": "2010-05-25T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://usn.ubuntu.com/944-1/", "cvelist": ["CVE-2010-0296", "CVE-2010-0830", "CVE-2009-4880", "CVE-2008-1391"], "lastseen": "2018-03-29T18:18:31"}], "vmware": [{"id": "VMSA-2012-0018", "type": "vmware", "title": "VMware security updates for vCSA, vCenter Server, and ESXi", "description": "a. vCenter Server Appliance directory traversal \n \n\n\nThe vCenter Server Appliance (vCSA) contains a directory traversal vulnerability that allows an authenticated remote user to retrieve arbitrary files. Exploitation of this issue may expose sensitive information stored on the server. \n \nVMware would like to thank Alexander Minozhenko from ERPScan for reporting this issue to us. \n \nThe Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2012-6324 to this issue. \n \nColumn 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available.\n", "published": "2012-12-20T00:00:00", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://www.vmware.com/security/advisories/VMSA-2012-0018.html", "cvelist": ["CVE-2012-0864", "CVE-2011-4609", "CVE-2012-6325", "CVE-2012-3404", "CVE-2012-6326", "CVE-2012-6324", "CVE-2012-3405", "CVE-2010-0830", "CVE-2012-3480", "CVE-2009-5029", "CVE-2012-3406", "CVE-2011-1089", "CVE-2009-5064"], "lastseen": "2016-09-04T11:19:39"}, {"id": "VMSA-2012-0013", "type": "vmware", "title": "VMware vSphere and vCOps updates to third party libraries", "description": "a. vCenter and ESX update to JRE 1.6.0 Update 31 \nThe Oracle (Sun) JRE is updated to version 1.6.0_31, which addresses multiple security issues. Oracle has documented the CVE identifiers that are addressed by this update in the Oracle Java SE Critical Patch Update Advisory of February 2012. \nColumn 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. \n\n", "published": "2012-08-30T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.vmware.com/security/advisories/VMSA-2012-0013.html", "cvelist": ["CVE-2012-0864", "CVE-2011-3188", "CVE-2011-4108", "CVE-2011-4609", "CVE-2011-4128", "CVE-2012-0815", "CVE-2011-3597", "CVE-2011-4324", "CVE-2011-4110", "CVE-2011-4576", "CVE-2011-4577", "CVE-2010-4180", "CVE-2010-4410", "CVE-2011-2699", "CVE-2011-4619", "CVE-2010-2761", "CVE-2011-4132", "CVE-2011-0014", "CVE-2010-0830", "CVE-2011-2484", "CVE-2012-1583", "CVE-2012-0061", "CVE-2012-0393", "CVE-2011-3209", "CVE-2012-0050", "CVE-2011-3363", "CVE-2012-0060", "CVE-2011-1833", "CVE-2012-0207", "CVE-2011-1020", "CVE-2012-2110", "CVE-2012-1569", "CVE-2010-4252", "CVE-2012-0841", "CVE-2009-5029", "CVE-2011-4325", "CVE-2012-1573", "CVE-2011-4109", "CVE-2011-1089", "CVE-2009-5064", "CVE-2011-2496"], "lastseen": "2016-09-04T11:19:35"}], "debian": [{"id": "DSA-2058", "type": "debian", "title": "glibc, eglibc -- multiple vulnerabilities", "description": "Several vulnerabilities have been discovered in the GNU C Library (aka glibc) and its derivatives. The Common Vulnerabilities and Exposures project identifies the following problems:\n\n * [CVE-2008-1391](<https://security-tracker.debian.org/tracker/CVE-2008-1391>), [CVE-2009-4880](<https://security-tracker.debian.org/tracker/CVE-2009-4880>), [CVE-2009-4881](<https://security-tracker.debian.org/tracker/CVE-2009-4881>)\n\nMaksymilian Arciemowicz discovered that the GNU C library did not correctly handle integer overflows in the strfmon family of functions. If a user or automated system were tricked into processing a specially crafted format string, a remote attacker could crash applications, leading to a denial of service.\n\n * [CVE-2010-0296](<https://security-tracker.debian.org/tracker/CVE-2010-0296>)\n\nJeff Layton and Dan Rosenberg discovered that the GNU C library did not correctly handle newlines in the mntent family of functions. If a local attacker were able to inject newlines into a mount entry through other vulnerable mount helpers, they could disrupt the system or possibly gain root privileges.\n\n * [CVE-2010-0830](<https://security-tracker.debian.org/tracker/CVE-2010-0830>)\n\nDan Rosenberg discovered that the GNU C library did not correctly validate certain ELF program headers. If a user or automated system were tricked into verifying a specially crafted ELF program, a remote attacker could execute arbitrary code with user privileges.\n\nFor the stable distribution (lenny), these problems have been fixed in version 2.7-18lenny4 of the glibc package.\n\nFor the testing distribution (squeeze), these problems will be fixed soon.\n\nFor the unstable distribution (sid), these problems has been fixed in version 2.1.11-1 of the eglibc package.\n\nWe recommend that you upgrade your glibc or eglibc packages.", "published": "2010-06-10T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://www.debian.org/security/dsa-2058", "cvelist": ["CVE-2009-4881", "CVE-2010-0296", "CVE-2010-0830", "CVE-2009-4880", "CVE-2008-1391"], "lastseen": "2016-09-02T18:29:20"}], "gentoo": [{"id": "GLSA-201011-01", "type": "gentoo", "title": "GNU C library: Multiple vulnerabilities", "description": "### Background\n\nThe GNU C library is the standard C library used by Gentoo Linux systems. \n\n### Description\n\nMultiple vulnerabilities were found in glibc, amongst others the widely-known recent LD_AUDIT and $ORIGIN issues. For further information please consult the CVE entries referenced below. \n\n### Impact\n\nA local attacker could execute arbitrary code as root, cause a Denial of Service, or gain privileges. Additionally, a user-assisted remote attacker could cause the execution of arbitrary code, and a context-dependent attacker could cause a Denial of Service. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll GNU C library users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=sys-libs/glibc-2.11.2-r3\"", "published": "2010-11-15T00:00:00", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://security.gentoo.org/glsa/201011-01", "cvelist": ["CVE-2009-4881", "CVE-2010-0296", "CVE-2010-0830", "CVE-2010-3856", "CVE-2009-4880", "CVE-2010-3847"], "lastseen": "2016-09-06T19:46:56"}, {"id": "GLSA-201312-01", "type": "gentoo", "title": "GNU C Library: Multiple vulnerabilities", "description": "### Background\n\nThe GNU C library is the standard C library used by Gentoo Linux systems. \n\n### Description\n\nMultiple vulnerabilities have been discovered in GNU C Library. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA local attacker could trigger vulnerabilities in dynamic library loader, making it possible to load attacker-controlled shared objects during execution of setuid/setgid programs to escalate privileges. \n\nA context-dependent attacker could trigger various vulnerabilities in GNU C Library, including a buffer overflow, leading to execution of arbitrary code or a Denial of Service. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll GNU C Library users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=sys-libs/glibc-2.15-r3\"", "published": "2013-12-03T00:00:00", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://security.gentoo.org/glsa/201312-01", "cvelist": ["CVE-2012-0864", "CVE-2011-1658", "CVE-2011-1659", "CVE-2011-1071", "CVE-2011-1095", "CVE-2010-3847", "CVE-2009-5029", "CVE-2011-0536", "CVE-2011-1089"], "lastseen": "2016-09-06T19:46:23"}], "suse": [{"id": "SUSE-SA:2010:052", "type": "suse", "title": "local privilege escalation in glibc", "description": "The Linux C library glibc was updated to fix critical security issues and several bugs:\n#### Solution\nThere is no known workaround, please install the update packages.", "published": "2010-10-28T13:41:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00007.html", "cvelist": ["CVE-2010-2942", "CVE-2010-3078", "CVE-2010-3297", "CVE-2010-0015", "CVE-2010-2955", "CVE-2010-2946", "CVE-2010-0296", "CVE-2010-3310", "CVE-2010-3296", "CVE-2010-0830", "CVE-2010-3015", "CVE-2010-2954", "CVE-2010-3856", "CVE-2010-2803", "CVE-2010-3847", "CVE-2010-2798", "CVE-2008-1391", "CVE-2010-3080"], "lastseen": "2016-09-04T12:03:50"}, {"id": "OPENSUSE-SU-2012:0064-1", "type": "suse", "title": "glibc (important)", "description": "Specially crafted time zone files could cause a heap\n overflow in glibc (CVE-2009-5029).\n\n", "published": "2012-01-05T19:08:22", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00040.html", "cvelist": ["CVE-2009-5029"], "lastseen": "2016-09-04T11:45:28"}, {"id": "SUSE-SU-2012:0023-1", "type": "suse", "title": "Security update for glibc (important)", "description": "The following bug has been fixed:\n\n * Specially crafted time zone files could cause a heap\n overflow in glibc.\n", "published": "2012-01-05T12:08:52", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00030.html", "cvelist": ["CVE-2009-5029"], "lastseen": "2016-09-04T11:43:32"}, {"id": "SUSE-SU-2012:0055-1", "type": "suse", "title": "Security update for glibc (important)", "description": "The following bug has been fixed:\n\n * Specially crafted time zone files could cause a heap\n overflow in glibc.\n", "published": "2012-01-05T12:36:28", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00037.html", "cvelist": ["CVE-2009-5029"], "lastseen": "2016-09-04T11:46:38"}, {"id": "SUSE-SU-2012:0033-1", "type": "suse", "title": "Security update for glibc (important)", "description": "The following bug has been fixed:\n\n * Specially crafted time zone files could cause a heap\n overflow in glibc.\n", "published": "2012-01-05T12:25:46", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00032.html", "cvelist": ["CVE-2009-5029"], "lastseen": "2016-09-04T11:56:09"}], "slackware": [{"id": "SSA-2012-041-03", "type": "slackware", "title": "glibc", "description": "New glibc packages are available for Slackware 13.1, 13.37, and -current to\nfix a security issue.\n\n\nHere are the details from the Slackware 13.37 ChangeLog:\n\npatches/packages/glibc-2.13-i486-5_slack13.37.txz: Rebuilt.\n Patched an overflow in tzfile. This was evidently first reported in\n 2009, but is only now getting around to being patched. To exploit it,\n one must be able to write beneath /usr/share/zoneinfo, which is usually\n not possible for a normal user, but may be in the case where they are\n chroot()ed to a directory that they own.\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-5029\n (* Security fix *)\npatches/packages/glibc-i18n-2.13-i486-5_slack13.37.txz: Rebuilt.\npatches/packages/glibc-profile-2.13-i486-5_slack13.37.txz: Rebuilt.\n (* Security fix *)\npatches/packages/glibc-solibs-2.13-i486-5_slack13.37.txz: Rebuilt.\n (* Security fix *)\npatches/packages/glibc-zoneinfo-2.13-noarch-5_slack13.37.txz: Rebuilt.\n\nWhere to find the new packages:\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the "Get Slack" section on http://slackware.com for\nadditional mirror sites near you.\n\n\nUpdated packages for Slackware 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/glibc-2.11.1-i486-6_slack13.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/glibc-i18n-2.11.1-i486-6_slack13.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/glibc-profile-2.11.1-i486-6_slack13.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/glibc-solibs-2.11.1-i486-6_slack13.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/glibc-zoneinfo-2.11.1-noarch-6_slack13.1.txz\n\nUpdated packages for Slackware x86_64 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/glibc-2.11.1-x86_64-6_slack13.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/glibc-i18n-2.11.1-x86_64-6_slack13.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/glibc-profile-2.11.1-x86_64-6_slack13.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/glibc-solibs-2.11.1-x86_64-6_slack13.1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/glibc-zoneinfo-2.11.1-noarch-6_slack13.1.txz\n\nUpdated packages for Slackware 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/glibc-2.13-i486-5_slack13.37.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/glibc-i18n-2.13-i486-5_slack13.37.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/glibc-profile-2.13-i486-5_slack13.37.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/glibc-solibs-2.13-i486-5_slack13.37.txz\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/glibc-zoneinfo-2.13-noarch-5_slack13.37.txz\n\nUpdated packages for Slackware x86_64 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/glibc-2.13-x86_64-5_slack13.37.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/glibc-i18n-2.13-x86_64-5_slack13.37.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/glibc-profile-2.13-x86_64-5_slack13.37.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/glibc-solibs-2.13-x86_64-5_slack13.37.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/glibc-zoneinfo-2.13-noarch-5_slack13.37.txz\n\nUpdated packages for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/glibc-solibs-2.14.1-i486-4.txz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/glibc-zoneinfo-2011i_2011n-noarch-4.txz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/glibc-2.14.1-i486-4.txz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/glibc-i18n-2.14.1-i486-4.txz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/glibc-profile-2.14.1-i486-4.txz\n\nUpdated packages for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/glibc-solibs-2.14.1-x86_64-4.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/glibc-zoneinfo-2011i_2011n-noarch-4.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/l/glibc-2.14.1-x86_64-4.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/l/glibc-i18n-2.14.1-x86_64-4.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/l/glibc-profile-2.14.1-x86_64-4.txz\n\n\nMD5 signatures:\n\nSlackware 13.1 packages:\nc7f0d5af7b32d6259272956bf1621ce0 glibc-2.11.1-i486-6_slack13.1.txz\nd80c53f769a30b407e303eb440e326e3 glibc-i18n-2.11.1-i486-6_slack13.1.txz\n6b9eb872a8368a13d71cecf8e031d2be glibc-profile-2.11.1-i486-6_slack13.1.txz\nba34c30c27d42c61190979884e8b8697 glibc-solibs-2.11.1-i486-6_slack13.1.txz\n74afbffcfb20ac6235945930a8a0ac57 glibc-zoneinfo-2.11.1-noarch-6_slack13.1.txz\n\nSlackware x86_64 13.1 packages:\na9bfcb4a0fde94a9355ecce905bb3ba4 glibc-2.11.1-x86_64-6_slack13.1.txz\n6f7df8a5ac48f364fff364f679430ea5 glibc-i18n-2.11.1-x86_64-6_slack13.1.txz\n1590ae7b50153b2d28489b9192126120 glibc-profile-2.11.1-x86_64-6_slack13.1.txz\n067bcd52acc3552bf2a77126fd12605e glibc-solibs-2.11.1-x86_64-6_slack13.1.txz\nce56ec387a50c00425d4dcf88ba71ee2 glibc-zoneinfo-2.11.1-noarch-6_slack13.1.txz\n\nSlackware 13.37 packages:\ndacaa396b83346f0313e85356ba496ad glibc-2.13-i486-5_slack13.37.txz\ne6238c92c6a97a56274d91e342e2ef07 glibc-i18n-2.13-i486-5_slack13.37.txz\naca444c2c834c1bbbb1fdcd08f381f5d glibc-profile-2.13-i486-5_slack13.37.txz\n04db99e0770b06af713322daa35f9463 glibc-solibs-2.13-i486-5_slack13.37.txz\nfe22b8ba56e8a14d025943d6a53f0a22 glibc-zoneinfo-2.13-noarch-5_slack13.37.txz\n\nSlackware x86_64 13.37 packages:\nab90f9581621a4b9e1f41fdd1c583a25 glibc-2.13-x86_64-5_slack13.37.txz\nd82fef5b1e734c9fd9aee358139dccaa glibc-i18n-2.13-x86_64-5_slack13.37.txz\nf26848e2ef7a2ed367a73fded8d51e2a glibc-profile-2.13-x86_64-5_slack13.37.txz\n1f4b8e716764c98c7c261fb7d7c19557 glibc-solibs-2.13-x86_64-5_slack13.37.txz\n553c32ce3937c8700dde84bad4b5467c glibc-zoneinfo-2.13-noarch-5_slack13.37.txz\n\nSlackware -current packages:\ncc98a5b0a120a3350b17d087af3a2163 a/glibc-solibs-2.14.1-i486-4.txz\nb549864a76c55b71f385eaf9077cf6ac a/glibc-zoneinfo-2011i_2011n-noarch-4.txz\n8522cbc56aec9af6c9c8e58fb5ee71c4 l/glibc-2.14.1-i486-4.txz\n98561de06536ce17b221774f39316933 l/glibc-i18n-2.14.1-i486-4.txz\n8a7ac4e4796eaefc6447222f7ce6eedf l/glibc-profile-2.14.1-i486-4.txz\n\nSlackware x86_64 -current packages:\n83121e8a4e8e46d2faa58221382f914c a/glibc-solibs-2.14.1-x86_64-4.txz\n8245bc6fb5e59fa905df708391bd3f89 a/glibc-zoneinfo-2011i_2011n-noarch-4.txz\nca3c22ff543e900bfd4516ba4af7cf34 l/glibc-2.14.1-x86_64-4.txz\ne2650c24a1a69138f544e98d8653f2a9 l/glibc-i18n-2.14.1-x86_64-4.txz\n23c2f013552e8a0561168897866fcb53 l/glibc-profile-2.14.1-x86_64-4.txz\n\n\nInstallation instructions:\n\nUpgrade the packages as root:\n > upgradepkg glibc-2.13-i486-5_slack13.37.txz glibc-i18n-2.13-i486-5_slack13.37.txz glibc-profile-2.13-i486-5_slack13.37.txz glibc-solibs-2.13-i486-5_slack13.37.txz glibc-zoneinfo-2.13-noarch-5_slack13.37.txz", "published": "2012-02-10T09:44:30", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2012&m=slackware-security.806982", "cvelist": ["CVE-2009-5029"], "lastseen": "2018-02-02T18:11:34"}], "exploitdb": [{"id": "EDB-ID:36404", "type": "exploitdb", "title": "GNU glibc Timezone Parsing Remote Integer Overflow Vulnerability", "description": "GNU glibc Timezone Parsing Remote Integer Overflow Vulnerability. CVE-2009-5029. Dos exploit for linux platform", "published": "2009-06-01T00:00:00", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.exploit-db.com/exploits/36404/", "cvelist": ["CVE-2009-5029"], "lastseen": "2016-02-04T03:26:33"}]}}
