[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248392

 
 

909

 
 

195452

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2009-3736Date: (C)2009-11-29   (M)2023-12-22


ltdl.c in libltdl in GNU Libtool 1.5.x, and 2.2.6 before 2.2.6b, as used in Ham Radio Control Libraries, Q, and possibly other products, attempts to open a .la file in the current working directory, which allows local users to gain privileges via a Trojan horse file.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 6.9
Exploit Score: 3.4
Impact Score: 10.0
 
CVSS V2 Metrics:
Access Vector: LOCAL
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE
  
Reference:
BID-37128
SECUNIA-37414
SECUNIA-37489
SECUNIA-37997
SECUNIA-38190
SECUNIA-38577
SECUNIA-38617
SECUNIA-38696
SECUNIA-38915
SECUNIA-39299
SECUNIA-39347
SECUNIA-43617
SECUNIA-55721
ADV-2011-0574
FEDORA-2009-12813
FEDORA-2010-1872
FEDORA-2010-1924
FEDORA-2011-1958
FEDORA-2011-1967
FEDORA-2011-1990
GLSA-201311-10
MDVSA-2009:307
MDVSA-2010:035
MDVSA-2010:091
MDVSA-2010:105
RHSA-2010:0039
RHSA-2010:0095
SUSE-SR:2010:006
http://lists.gnu.org/archive/html/libtool/2009-11/msg00065.html
http://lists.gnu.org/archive/html/libtool/2009-11/msg00059.html
ftp://ftp.gnu.org/gnu/libtool/libtool-2.2.6a-2.2.6b.diff.gz
http://git.savannah.gnu.org/cgit/libtool.git/commit/?h=branch-1-5&id=29b48580df75f0c5baa2962548a4c101ec7ed7ec
http://hamlib.svn.sourceforge.net/viewvc/hamlib/trunk/libltdl/Makefile.am?revision=2841&view=markup
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705
http://support.avaya.com/css/P8/documents/100074869
https://bugzilla.redhat.com/show_bug.cgi?id=537941
oval:org.mitre.oval:def:11687
oval:org.mitre.oval:def:6951

CPE    1
cpe:/a:gnu:libtool:1.5
OVAL    46
oval:org.secpod.oval:def:300697
oval:org.secpod.oval:def:201939
oval:org.secpod.oval:def:100280
oval:org.secpod.oval:def:100838
...

© SecPod Technologies