Download
| Alert*
oval:org.secpod.oval:def:700088
Tavis Ormandy discovered multiple flaws in the GNU C Library"s handling of the LD_AUDIT environment variable when running a privileged binary. A local attacker could exploit this to gain root privileges oval:org.secpod.oval:def:600023 Ben Hawkes and Tavis Ormandy discovered that the dynamic loader in GNU libc allows local users to gain root privileges using a crafted LD_AUDIT environment variable. For the stable distribution , this problem has been fixed in version 2.7-18lenny6. For the upcoming stable distribution , this problem ... oval:org.secpod.oval:def:201801 The glibc packages contain the standard C libraries used by multiple programs on the system. These packages contain the standard C and the standard math libraries. Without these two libraries, a Linux system cannot function properly. It was discovered that the glibc dynamic linker/loader did not per ... oval:org.secpod.oval:def:600195 Colin Watson discovered that the update for stable relased in DSA-2122-1 did not complete address the underlying security issue in all possible scenarios. oval:org.secpod.oval:def:103267 The glibc package contains standard libraries which are used by multiple programs on the system. In order to save disk space and memory, as well as to make upgrading easier, common system code is kept in one place and shared between programs. This particular package contains the most important sets ... oval:org.secpod.oval:def:103289 The glibc package contains standard libraries which are used by multiple programs on the system. In order to save disk space and memory, as well as to make upgrading easier, common system code is kept in one place and shared between programs. This particular package contains the most important sets ... oval:org.secpod.oval:def:700204 USN-1009-1 fixed vulnerabilities in the GNU C library. Colin Watson discovered that the fixes were incomplete and introduced flaws with setuid programs loading libraries that used dynamic string tokens in their RPATH. If the "man" program was installed setuid, a local attacker could exploi ... oval:org.secpod.oval:def:103297 The glibc package contains standard libraries which are used by multiple programs on the system. In order to save disk space and memory, as well as to make upgrading easier, common system code is kept in one place and shared between programs. This particular package contains the most important sets ... oval:org.secpod.oval:def:201803 The glibc packages contain the standard C libraries used by multiple programs on the system. These packages contain the standard C and the standard math libraries. Without these two libraries, a Linux system cannot function properly. It was discovered that the glibc dynamic linker/loader did not per ... oval:org.secpod.oval:def:300232 A vulnerability in the GNU C library was discovered which could escalate the privilegies for local users . Packages for 2009.0 are provided as of the Extended Maintenance Program oval:org.secpod.oval:def:500442 The glibc packages contain the standard C libraries used by multiple programs on the system. These packages contain the standard C and the standard math libraries. Without these two libraries, a Linux system cannot function properly. It was discovered that the glibc dynamic linker/loader did not han ... oval:org.secpod.oval:def:1503370 Updated glibc packages that fix two security issues and two bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are ... oval:org.secpod.oval:def:500467 The glibc packages contain the standard C libraries used by multiple programs on the system. These packages contain the standard C and the standard math libraries. Without these two libraries, a Linux system cannot function properly. It was discovered that the glibc dynamic linker/loader did not per ... oval:org.secpod.oval:def:400056 The Linux C library glibc was updated to fix critical security issues and several bugs: CVE-2010-3847: Decoding of the $ORIGIN special value in various LD_ environment variables allowed local attackers to execute code in context of e.g. setuid root programs, elevating privileges. This specific issue ... |