Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:DSA-1958-1
HistoryDec 29, 2009 - 12:00 a.m.

libtool - privilege escalation

2009-12-2900:00:00
Google
osv.dev
7

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

JSON

It was discovered that ltdl, a system-independent dlopen wrapper for
GNU libtool, can be tricked to load and run modules from an arbitrary
directory, which might be used to execute arbitrary code with the
privileges of the user running an application that uses libltdl.

For the oldstable distribution (etch), this problem has been fixed in
version 1.5.22-4+etch1.

For the stable distribution (lenny), this problem has been fixed in
version 1.5.26-4+lenny1.

For the testing distribution (squeeze) and unstable distribution (sid),
this problem has been fixed in 2.2.6b-1.

We recommend that you upgrade your libtool packages.

CPENameOperatorVersion
libtooleq1.5.26-4

Related

nessus 49
openvas 94
fedora 23
prion 1
debian 1
cve 1
freebsd 1
seebug 1
oraclelinux 2
redhat 3
centos 2
veracode 1
ubuntucve 1
debiancve 1
gentoo 2
vmware 2
nessus
nessus
CentOS 3 / 4 / 5 : gcc / gcc4 (CESA-2010:0039)
2010-01-15 00:00:00
Fedora 15 : q-7.11-10.fc15 (2011-1990)
2011-03-03 00:00:00
SuSE 11 Security Update : libtool (SAT Patch Number 1626)
2010-01-05 00:00:00
openvas
openvas
Fedora Update for gnu-smalltalk FEDORA-2010-4339
2010-03-22 00:00:00
Mandriva Security Advisory MDVSA-2009:307-1 (libtool)
2009-12-10 00:00:00
CentOS Update for cpp CESA-2010:0039 centos3 x86_64
2010-01-19 00:00:00
fedora
fedora
[SECURITY] Fedora 12 Update: mingw32-libltdl-1.5.26-20.fc12
2010-02-26 03:38:25
[SECURITY] Fedora 13 Update: esorex-3.7.2-6.fc13
2010-03-10 06:54:45
[SECURITY] Fedora 12 Update: gnu-smalltalk-3.1-8.fc12
2010-03-20 03:33:32
prion
prion
Code injection
2009-11-29 13:07:00
debian
debian
[SECURITY] [DSA 1958-1] New libtool packages fix privilege escalation
2009-12-29 17:27:07
cve
cve
CVE-2009-3736
2009-11-29 13:07:00
freebsd
freebsd
libtool -- Library Search Path Privilege Escalation Issue
2009-11-25 00:00:00
seebug
seebug
GNU Libtool libltdl库搜索路径本地权限提升漏洞
2009-12-02 00:00:00
oraclelinux
oraclelinux
libtool security update
2009-12-08 00:00:00
gcc and gcc4 security update
2010-01-13 00:00:00
redhat
redhat
(RHSA-2009:1646) Moderate: libtool security update
2009-12-08 00:00:00
(RHSA-2010:0039) Moderate: gcc and gcc4 security update
2010-01-13 00:00:00
(RHSA-2010:0095) Important: rhev-hypervisor security and bug fix update
2010-02-09 00:00:00
centos
centos
cpp, gcc, gcc4, libf2c, libgcc, libgcj, libgcj4, libgfortran, libgnat, libgomp, libmudflap, libobjc, libstdc++ security update
2010-01-14 12:58:41
libtool security update
2009-12-08 22:18:58
veracode
veracode
Privilege Escalation
2020-04-10 00:41:57
ubuntucve
ubuntucve
CVE-2009-3736
2009-11-29 00:00:00
debiancve
debiancve
CVE-2009-3736
2009-11-29 13:07:00
gentoo
gentoo
GraphicsMagick: Multiple vulnerabilities
2013-11-19 00:00:00
Multiple packages, Multiple vulnerabilities fixed in 2010
2014-12-11 00:00:00
vmware
vmware
ESXi utilities and ESX Service Console third party updates
2010-05-27 00:00:00
ESXi utilities and ESX Service Console third party updates
2010-05-27 00:00:00

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

JSON
Related for OSV:DSA-1958-1
nessus49openvas94fedora23prion1debian1cve1freebsd1seebug1oraclelinux2redhat3centos2veracode1ubuntucve1debiancve1gentoo2vmware2