Višestruki nedostaci paketa glibc

U radu programskog paketa glibc uočeni su višestruki sigurnosni nedostaci. Napadači ih mogu iskoristiti za stjecanje većih ovlasti, pokretanje proizvoljnog programskog koda, izvođenje DoS napada i otkrivanje osjetljivih informacija.

Paket:	glibc 2.x
Operacijski sustavi:	Mandriva Linux 2010.1, Mandriva Linux Enterprise Server 5.0
Kritičnost:	7.4
Problem:	cjelobrojno prepisivanje, neodgovarajuće rukovanje datotekama, pogreška u programskoj funkciji
Iskorištavanje:	lokalno/udaljeno
Posljedica:	dobivanje većih privilegija, otkrivanje osjetljivih informacija, proizvoljno izvršavanje programskog koda, uskraćivanje usluga (DoS)
Rješenje:	programska zakrpa proizvođača
CVE:	CVE-2011-0536, CVE-2010-2898, CVE-2011-1071, CVE-2011-1089, CVE-2011-1095, CVE-2011-1659, CVE-2011-2483
Izvorni ID preporuke:	MDVSA-2011:178
Izvor:	Mandriva

Problem:
Nedostaci su posljedica prepisivanja cjelobrojne varijable u datoteci "posix/fnmatch.c", pogreške u funkciji "addmntent", nepravilnosti u "locale/programs/locale.c" i "elf/dl-object.c", itd. Za više detalja preporuča se čitanje izvorne preporuke.
Posljedica:
Napadaču ranjivosti omogućuju izvođenje DoS napada, pokretanje proizvoljnog programskog koda, dobivanje većih ovlasti i otkrivanje osjetljivih informacija.
Rješenje:
Korisnicima se savjetuje instalacija odgovarajućih zakrpa.

Izvorni tekst preporuke

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2011:178
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : glibc
 Date    : November 25, 2011
 Affected: 2010.1, Enterprise Server 5.0
 _______________________________________________________________________

 Problem Description:

 Multiple vulnerabilities was discovered and fixed in glibc:
 
 Multiple untrusted search path vulnerabilities in elf/dl-object.c in
 certain modified versions of the GNU C Library (aka glibc or libc6),
 including glibc-2.5-49.el5_5.6 and glibc-2.12-1.7.el6_0.3 in Red Hat
 Enterprise Linux, allow local users to gain privileges via a crafted
 dynamic shared object (DSO) in a subdirectory of the current working
 directory during execution of a (1) setuid or (2) setgid program that
 has  in (a) RPATH or (b) RUNPATH.  NOTE: this issue exists because
 of an incorrect fix for CVE-2010-3847 (CVE-2011-0536).
 
 The GNU C Library (aka glibc or libc6) before 2.12.2 and Embedded GLIBC
 (EGLIBC) allow context-dependent attackers to execute arbitrary code
 or cause a denial of service (memory consumption) via a long UTF8
 string that is used in an fnmatch call, aka a stack extension attack,
 a related issue to CVE-2010-2898, as originally reported for use of
 this library by Google Chrome (CVE-2011-1071).
 
 The addmntent function in the GNU C Library (aka glibc or libc6) 2.13
 and earlier does not report an error status for failed attempts to
 write to the /etc/mtab file, which makes it easier for local users
 to trigger corruption of this file, as demonstrated by writes from
 a process with a small RLIMIT_FSIZE value, a different vulnerability
 than CVE-2010-0296 (CVE-2011-1089).
 
 locale/programs/locale.c in locale in the GNU C Library (aka glibc
 or libc6) before 2.13 does not quote its output, which might allow
 local users to gain privileges via a crafted localization environment
 variable, in conjunction with a program that executes a script that
 uses the eval function (CVE-2011-1095).
 
 Integer overflow in posix/fnmatch.c in the GNU C Library (aka glibc or
 libc6) 2.13 and earlier allows context-dependent attackers to cause a
 denial of service (application crash) via a long UTF8 string that is
 used in an fnmatch call with a crafted pattern argument, a different
 vulnerability than CVE-2011-1071 (CVE-2011-1659).
 
 crypt_blowfish before 1.1, as used in glibc on certain platforms,
 does not properly handle 8-bit characters, which makes it easier
 for context-dependent attackers to determine a cleartext password by
 leveraging knowledge of a password hash (CVE-2011-2483).
 
 The updated packages have been patched to correct these issues.
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0536
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1071
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1089
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1095
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1659
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2483
 _______________________________________________________________________

 Updated Packages:

 Mandriva Linux 2010.1:
 4af7f6efb12c5be3ad435a6d9865be57  2010.1/i586/glibc-2.11.1-8.3mnb2.i586.rpm
 82f97e43fc7ab7ee2fbfc92d9ed844f0 
2010.1/i586/glibc-devel-2.11.1-8.3mnb2.i586.rpm
 013f4da3b270a6860e9ae171b456a488 
2010.1/i586/glibc-doc-2.11.1-8.3mnb2.i586.rpm
 65da2025a253885a3a3e0699eb407a61 
2010.1/i586/glibc-doc-pdf-2.11.1-8.3mnb2.i586.rpm
 e5b6f256bad2b8afa7674e2f4d3c80bc 
2010.1/i586/glibc-i18ndata-2.11.1-8.3mnb2.i586.rpm
 319ecf5d08bc0e0aab9b0cf3e5cf6a6e 
2010.1/i586/glibc-profile-2.11.1-8.3mnb2.i586.rpm
 99c144bfc7581d9f3b885c7a630c89ce 
2010.1/i586/glibc-static-devel-2.11.1-8.3mnb2.i586.rpm
 966e023400d62e841942b69bae4d06de 
2010.1/i586/glibc-utils-2.11.1-8.3mnb2.i586.rpm
 577f1f88b14add8ea8753b17d730cb8a  2010.1/i586/nscd-2.11.1-8.3mnb2.i586.rpm 
 2e1bffb07071cb21ef6363c21588f4b7  2010.1/SRPMS/glibc-2.11.1-8.3mnb2.src.rpm

 Mandriva Linux 2010.1/X86_64:
 05e4da86aea47726b27c00e3f26e3445 
2010.1/x86_64/glibc-2.11.1-8.3mnb2.x86_64.rpm
 d3689fe0a7ae8e4c0e309b34c82cabfd 
2010.1/x86_64/glibc-devel-2.11.1-8.3mnb2.x86_64.rpm
 b8be4de2a9c6a8e3effe06234429a227 
2010.1/x86_64/glibc-doc-2.11.1-8.3mnb2.x86_64.rpm
 1ac19950a67c4ee965b0ae9d2d6a0396 
2010.1/x86_64/glibc-doc-pdf-2.11.1-8.3mnb2.x86_64.rpm
 54031c917cb54a5abc42ebaf30dfe894 
2010.1/x86_64/glibc-i18ndata-2.11.1-8.3mnb2.x86_64.rpm
 18c2a1354df2094a7508b1990420ab5b 
2010.1/x86_64/glibc-profile-2.11.1-8.3mnb2.x86_64.rpm
 f8cef0d317c3ccbb5446672a1cf00ad6 
2010.1/x86_64/glibc-static-devel-2.11.1-8.3mnb2.x86_64.rpm
 78b27e0739627abebc7c43fbf82e107b 
2010.1/x86_64/glibc-utils-2.11.1-8.3mnb2.x86_64.rpm
 e37194682e8ef10c21a8d8483e76b3f4  2010.1/x86_64/nscd-2.11.1-8.3mnb2.x86_64.rpm

 2e1bffb07071cb21ef6363c21588f4b7  2010.1/SRPMS/glibc-2.11.1-8.3mnb2.src.rpm

 Mandriva Enterprise Server 5:
 73cffaaa03648c9eb01ed50b5fdd0cee 
mes5/i586/glibc-2.8-1.20080520.5.8mnb2.i586.rpm
 5e9ec7d6e3f319b5076dd51506d47032 
mes5/i586/glibc-devel-2.8-1.20080520.5.8mnb2.i586.rpm
 c80b37f1a750968735f8ce51c920e84e 
mes5/i586/glibc-doc-2.8-1.20080520.5.8mnb2.i586.rpm
 7de1f541c2bf6e17a4f3007cad517140 
mes5/i586/glibc-doc-pdf-2.8-1.20080520.5.8mnb2.i586.rpm
 27a365665846989b629b0cb3fb15acfd 
mes5/i586/glibc-i18ndata-2.8-1.20080520.5.8mnb2.i586.rpm
 3f2f68a0bc47bace3586919671c7f1b4 
mes5/i586/glibc-profile-2.8-1.20080520.5.8mnb2.i586.rpm
 17019cf79cf3864c537e12aefd48a23d 
mes5/i586/glibc-static-devel-2.8-1.20080520.5.8mnb2.i586.rpm
 7ad8f634ee4e0c5fc0f340dcfebcf0fb 
mes5/i586/glibc-utils-2.8-1.20080520.5.8mnb2.i586.rpm
 53a5dc175995723322a13a7e3bbd6c41 
mes5/i586/nscd-2.8-1.20080520.5.8mnb2.i586.rpm 
 6fcd77d9eac9fa71f91dcb1218afd628 
mes5/SRPMS/glibc-2.8-1.20080520.5.8mnb2.src.rpm

 Mandriva Enterprise Server 5/X86_64:
 33f73ece95aa39c59e0370449f13d3af 
mes5/x86_64/glibc-2.8-1.20080520.5.8mnb2.x86_64.rpm
 626f8e4774270e50c5e9bf2bc7dfa64c 
mes5/x86_64/glibc-devel-2.8-1.20080520.5.8mnb2.x86_64.rpm
 c9d59258ac0fc0463c585405bb46327a 
mes5/x86_64/glibc-doc-2.8-1.20080520.5.8mnb2.x86_64.rpm
 f81b494a1d394c48921c99983288c538 
mes5/x86_64/glibc-doc-pdf-2.8-1.20080520.5.8mnb2.x86_64.rpm
 1c972a49ecbfc91d0a156dd743894c14 
mes5/x86_64/glibc-i18ndata-2.8-1.20080520.5.8mnb2.x86_64.rpm
 45aa431a8a9920d188698ae64fe5466d 
mes5/x86_64/glibc-profile-2.8-1.20080520.5.8mnb2.x86_64.rpm
 ecf5dca4c8bc49c1e3ebeb2a698b38a3 
mes5/x86_64/glibc-static-devel-2.8-1.20080520.5.8mnb2.x86_64.rpm
 8de7d2dfa8ea598aac75faf24f606f13 
mes5/x86_64/glibc-utils-2.8-1.20080520.5.8mnb2.x86_64.rpm
 7615c6e96903c8c146d5ae2d2912c6ee 
mes5/x86_64/nscd-2.8-1.20080520.5.8mnb2.x86_64.rpm 
 6fcd77d9eac9fa71f91dcb1218afd628 
mes5/SRPMS/glibc-2.8-1.20080520.5.8mnb2.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iD8DBQFOz9t8mqjQ0CJFipgRApgMAKDCqECazAj1XIHHxrkgU20PDJYFkgCgwVPy
TvvKkY3VN0Zc9M0LYEgkNUg=
=P3KM
-----END PGP SIGNATURE-----

Višestruki nedostaci paketa glibc

Tražilica portala

Aktivnosti

O CIS-u

Posljednje vijesti

Posljednji dokumenti

Višestruki nedostaci paketa glibc

Tražilica portala

Aktivnosti

O CIS-u

Posljednje sigurnosne preporuke

Posljednje vijesti

Popularni članci

Posljednji dokumenti