Mandrake Linux Security Advisory : glibc (MDKSA-2000:045-1)

high Nessus Plugin ID 61837

Language:

Synopsis

The remote Mandrake Linux host is missing one or more security updates.

Description

A bug was discovered in ld.so that could allow local users to obtain root privileges. The dynamic loader, ld.so, is responsible for making shared libraries available within a program at run-time. Normally, a user is allowed to load additional shared libraries when executing a program; they can be specified with environment variables such as LD_PRELOAD. Because this is not acceptable for applications that are setuid root, ld.so normally removes these environment variables for setuid root programs. The discovered bug causes these environment variables to not be removed under certain circumstances. While setuid programs themselves are not vulnerable, external programs they execute can be affected by this problem.

A number of additional bugs have been found in the glibc locale and internationaliztion security checks. In internationalized programs, users are permitted to select a locale or choose message catalogues using environment variables such as LANG or LC_*. The content of these variables is then used as part of the pathname used to search message catalogues or locale files. Under normal circumstances, if these variables contained the '/' character, a program could load the internationalization files from arbitrary directories. This is not acceptable for setuid programs, which is the reason glibc does not allow certain settings of these variables if the program is setuid or setgid. However, some of these checks were done in inapporpriate places, contained bugs, or were missing entirely. It is highly probable that some of these bugs can be used for local root exploits.

Update :

Packages are now available for Linux-Mandrake 6.0 and 6.1.

Solution

Update the affected glibc, glibc-devel and / or glibc-profile packages.

Plugin Details

Severity: High

ID: 61837

File Name: mandrake_MDKSA-2000-045.nasl

Version: 1.6

Type: local

Family: Mandriva Local Security Checks

Published: 9/6/2012

Updated: 1/6/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 7.2

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:mandriva:linux:glibc, p-cpe:/a:mandriva:linux:glibc-devel, p-cpe:/a:mandriva:linux:glibc-profile, cpe:/o:mandrakesoft:mandrake_linux:6.0, cpe:/o:mandrakesoft:mandrake_linux:6.1

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/Mandrake/release, Host/Mandrake/rpm-list

Patch Publication Date: 9/7/2000

Reference Information

CVE: CVE-2000-0824

MDKSA: 2000:045-1

Detections

Analytics