Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:15008
HistoryDec 02, 2009 - 12:00 a.m.

GNU Libtool libltdl库搜索路径本地权限提升漏洞

2009-12-0200:00:00
Root
www.seebug.org
36

0.0004 Low

EPSS

Percentile

8.6%

JSON

BUGTRAQ ID: 37128
CVE ID: CVE-2009-3736

GNU libtool是一个通用库支持脚本,将使用动态库的复杂性隐藏在统一、可移植的接口中。

GNU Libtool的libltdl库中的ltdl.c文件将当前工作目录用作了库的搜索路径,如果攻击者创建了恶意的共享对象或.la文件并诱骗用户使用同一目录中的libtool库执行应用程序,就会导致执行任意代码。

GNU libtool 2.2.6
GNU libtool 1.5.x
厂商补丁:

GNU

目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:

http://lists.gnu.org/archive/html/libtool/2009-11/msg00059.html


                                                https://bugzilla.redhat.com/attachment.cgi?id=372311

Related

openvas 94
fedora 23
nessus 49
prion 1
debian 1
cve 1
freebsd 1
oraclelinux 2
redhat 3
centos 2
osv 1
veracode 1
ubuntucve 1
debiancve 1
gentoo 2
vmware 2
openvas
openvas
CentOS Update for libtool CESA-2009:1646 centos4 i386
2011-08-09 00:00:00
Fedora Update for libprelude FEDORA-2010-8756
2010-05-28 00:00:00
Fedora Update for hamlib FEDORA-2010-4407
2010-04-06 00:00:00
fedora
fedora
[SECURITY] Fedora 11 Update: hamlib-1.2.8-4.fc11
2010-04-03 04:48:25
[SECURITY] Fedora 11 Update: gnash-0.8.6-13.fc11
2010-02-13 00:39:09
[SECURITY] Fedora 11 Update: mingw32-libltdl-1.5.26-17.fc11
2010-02-26 03:40:29
nessus
nessus
openSUSE Security Update : libltdl-3 (libltdl-3-1638)
2010-01-05 00:00:00
CentOS 3 / 4 / 5 : libtool (CESA-2009:1646)
2009-12-09 00:00:00
Fedora 13 : q-7.11-8.fc13 (2011-1958)
2011-03-04 00:00:00
prion
prion
Code injection
2009-11-29 13:07:00
debian
debian
[SECURITY] [DSA 1958-1] New libtool packages fix privilege escalation
2009-12-29 17:27:07
cve
cve
CVE-2009-3736
2009-11-29 13:07:00
freebsd
freebsd
libtool -- Library Search Path Privilege Escalation Issue
2009-11-25 00:00:00
oraclelinux
oraclelinux
libtool security update
2009-12-08 00:00:00
gcc and gcc4 security update
2010-01-13 00:00:00
redhat
redhat
(RHSA-2009:1646) Moderate: libtool security update
2009-12-08 00:00:00
(RHSA-2010:0039) Moderate: gcc and gcc4 security update
2010-01-13 00:00:00
(RHSA-2010:0095) Important: rhev-hypervisor security and bug fix update
2010-02-09 00:00:00
centos
centos
cpp, gcc, gcc4, libf2c, libgcc, libgcj, libgcj4, libgfortran, libgnat, libgomp, libmudflap, libobjc, libstdc++ security update
2010-01-14 12:58:41
libtool security update
2009-12-08 22:18:58
osv
osv
libtool - privilege escalation
2009-12-29 00:00:00
veracode
veracode
Privilege Escalation
2020-04-10 00:41:57
ubuntucve
ubuntucve
CVE-2009-3736
2009-11-29 00:00:00
debiancve
debiancve
CVE-2009-3736
2009-11-29 13:07:00
gentoo
gentoo
GraphicsMagick: Multiple vulnerabilities
2013-11-19 00:00:00
Multiple packages, Multiple vulnerabilities fixed in 2010
2014-12-11 00:00:00
vmware
vmware
ESXi utilities and ESX Service Console third party updates
2010-05-27 00:00:00
ESXi utilities and ESX Service Console third party updates
2010-05-27 00:00:00

0.0004 Low

EPSS

Percentile

8.6%

JSON
Related for SSV:15008
openvas94fedora23nessus49prion1debian1cve1freebsd1oraclelinux2redhat3centos2osv1veracode1ubuntucve1debiancve1gentoo2vmware2