6.9

CVE-2009-5064

Exploit
ldd in the GNU C Library (aka glibc or libc6) 2.13 and earlier allows local users to gain privileges via a Trojan horse executable file linked with a modified loader that omits certain LD_TRACE_LOADED_OBJECTS checks.  NOTE: the GNU C Library vendor states "This is just nonsense. There are a gazillion other ways to introduce code if people are downloading arbitrary binaries and install them in appropriate directories or set LD_LIBRARY_PATH etc.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
GnuGlibc Version <= 2.1.3
GnuGlibc Version1.00
GnuGlibc Version1.01
GnuGlibc Version1.02
GnuGlibc Version1.03
GnuGlibc Version1.04
GnuGlibc Version1.05
GnuGlibc Version1.06
GnuGlibc Version1.07
GnuGlibc Version1.08
GnuGlibc Version1.09
GnuGlibc Version1.09.1
GnuGlibc Version2.0
GnuGlibc Version2.0.1
GnuGlibc Version2.0.2
GnuGlibc Version2.0.3
GnuGlibc Version2.0.4
GnuGlibc Version2.0.5
GnuGlibc Version2.0.6
GnuGlibc Version2.1
GnuGlibc Version2.1.1
GnuGlibc Version2.1.1.6
GnuGlibc Version2.1.2
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.54% 0.416
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6.9 3.4 10
AV:L/AC:M/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://openwall.com/lists/oss-security/2011/03/07/10
Exploit
http://openwall.com/lists/oss-security/2011/03/07/13
Patch
Exploit
http://openwall.com/lists/oss-security/2011/03/07/7
Exploit
http://openwall.com/lists/oss-security/2011/03/08/1
Patch
Exploit
http://openwall.com/lists/oss-security/2011/03/08/10
Patch
Exploit
http://openwall.com/lists/oss-security/2011/03/08/2
Patch
Exploit
http://openwall.com/lists/oss-security/2011/03/08/3
Patch
Exploit
http://openwall.com/lists/oss-security/2011/03/08/7
Patch
Exploit
http://reverse.lostrealm.com/protect/ldd.html
Exploit
http://www.catonmat.net/blog/ldd-arbitrary-code-execution/
Exploit
http://www.redhat.com/support/errata/RHSA-2011-1526.html
https://bugzilla.redhat.com/show_bug.cgi?id=531160
Patch
Exploit
https://bugzilla.redhat.com/show_bug.cgi?id=682998
Patch
Exploit