6.9

CVE-2010-3847

Exploit
elf/dl-load.c in ld.so in the GNU C Library (aka glibc or libc6) through 2.11.2, and 2.12.x through 2.12.1, does not properly handle a value of $ORIGIN for the LD_AUDIT environment variable, which allows local users to gain privileges via a crafted dynamic shared object (DSO) located in an arbitrary directory.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
GnuGlibc Version <= 2.11.2
GnuGlibc Version1.00
GnuGlibc Version1.01
GnuGlibc Version1.02
GnuGlibc Version1.03
GnuGlibc Version1.04
GnuGlibc Version1.05
GnuGlibc Version1.06
GnuGlibc Version1.07
GnuGlibc Version1.08
GnuGlibc Version1.09
GnuGlibc Version1.09.1
GnuGlibc Version2.0
GnuGlibc Version2.0.1
GnuGlibc Version2.0.2
GnuGlibc Version2.0.3
GnuGlibc Version2.0.4
GnuGlibc Version2.0.5
GnuGlibc Version2.0.6
GnuGlibc Version2.1
GnuGlibc Version2.1.1
GnuGlibc Version2.1.1.6
GnuGlibc Version2.1.2
GnuGlibc Version2.1.3
GnuGlibc Version2.1.3.10
GnuGlibc Version2.1.9
GnuGlibc Version2.2
GnuGlibc Version2.2.1
GnuGlibc Version2.2.2
GnuGlibc Version2.2.3
GnuGlibc Version2.2.4
GnuGlibc Version2.2.5
GnuGlibc Version2.3
GnuGlibc Version2.3.1
GnuGlibc Version2.3.2
GnuGlibc Version2.3.3
GnuGlibc Version2.3.4
GnuGlibc Version2.3.5
GnuGlibc Version2.3.6
GnuGlibc Version2.3.10
GnuGlibc Version2.4
GnuGlibc Version2.5
GnuGlibc Version2.5.1
GnuGlibc Version2.6
GnuGlibc Version2.6.1
GnuGlibc Version2.7
GnuGlibc Version2.8
GnuGlibc Version2.9
GnuGlibc Version2.10
GnuGlibc Version2.10.1
GnuGlibc Version2.10.2
GnuGlibc Version2.11
GnuGlibc Version2.11.1
GnuGlibc Version2.12.0
GnuGlibc Version2.12.1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 8.75% 0.945
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6.9 3.4 10
AV:L/AC:M/Au:N/C:C/I:C/A:C
CWE-59 Improper Link Resolution Before File Access ('Link Following')

The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

https://lists.opensuse.org/opensuse-security-announce/2010-10/msg00007.html
http://security.gentoo.org/glsa/glsa-201011-01.xml
http://secunia.com/advisories/42787
Vendor Advisory
http://www.securityfocus.com/archive/1/515545/100/0/threaded
http://www.vmware.com/security/advisories/VMSA-2011-0001.html
http://www.vupen.com/english/advisories/2011/0025
Vendor Advisory
http://seclists.org/fulldisclosure/2010/Oct/257
Exploit
http://seclists.org/fulldisclosure/2010/Oct/292
http://seclists.org/fulldisclosure/2010/Oct/294
http://sourceware.org/ml/libc-hacker/2010-10/msg00007.html
Patch
http://support.avaya.com/css/P8/documents/100120941
http://www.debian.org/security/2010/dsa-2122
http://www.kb.cert.org/vuls/id/537223
US Government Resource
http://www.mandriva.com/security/advisories?name=MDVSA-2010:207
http://www.redhat.com/support/errata/RHSA-2010-0872.html
http://www.securityfocus.com/bid/44154
http://www.ubuntu.com/usn/USN-1009-1
https://bugzilla.redhat.com/show_bug.cgi?id=643306
Patch
https://rhn.redhat.com/errata/RHSA-2010-0787.html
https://www.exploit-db.com/exploits/44024/
https://www.exploit-db.com/exploits/44025/