Scientific Linux Security Update : glibc on SL6.x i386/x86_64

This script is Copyright (C) 2012-2013 Tenable Network Security, Inc.


Synopsis :

The remote Scientific Linux host is missing one or more security
updates.

Description :

The glibc packages contain the standard C libraries used by multiple
programs on the system. These packages contain the standard C and the
standard math libraries. Without these two libraries, a Linux system
cannot function properly.

An integer overflow flaw, leading to a heap-based buffer overflow, was
found in the way the glibc library read timezone files. If a
carefully-crafted timezone file was loaded by an application linked
against glibc, it could cause the application to crash or,
potentially, execute arbitrary code with the privileges of the user
running the application. (CVE-2009-5029)

A denial of service flaw was found in the remote procedure call (RPC)
implementation in glibc. A remote attacker able to open a large number
of connections to an RPC service that is using the RPC implementation
from glibc, could use this flaw to make that service use an excessive
amount of CPU time. (CVE-2011-4609)

This update also fixes the following bugs :

- glibc had incorrect information for numeric separators
and groupings for specific French, Spanish, and German
locales. Therefore, applications utilizing glibc's
locale support printed numbers with the wrong separators
and groupings when those locales were in use. With this
update, the separator and grouping information has been
fixed.

- The 2.12-1.25.el6_1.3 glibc update introduced a
regression, causing glibc to incorrectly parse groups
with more than 126 members, resulting in applications
such as 'id' failing to list all the groups a particular
user was a member of. With this update, group parsing
has been fixed.

- glibc incorrectly allocated too much memory due to a
race condition within its own malloc routines. This
could cause a multi-threaded application to allocate
more memory than was expected. With this update, the
race condition has been fixed, and malloc's behavior is
now consistent with the documentation regarding the
MALLOC_ARENA_TEST and MALLOC_ARENA_MAX environment
variables.

Users should upgrade to these updated packages, which contain
backported patches to resolve these issues.

See also :

http://www.nessus.org/u?42c155a6

Solution :

Update the affected packages.

Risk factor :

Medium / CVSS Base Score : 6.8
(CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)

Family: Scientific Linux Local Security Checks

Nessus Plugin ID: 61223 ()

Bugtraq ID:

CVE ID: CVE-2009-5029
CVE-2011-4609