Detections
Analytics

Mandriva Linux Security Advisory : glibc (MDVSA-2014:152)

high Nessus Plugin ID 77040

Language:

Synopsis

The remote Mandriva Linux host is missing one or more security updates.

Description

Updated glibc packages fix security issues :

Stephane Chazelas discovered that directory traversal issue in locale handling in glibc. glibc accepts relative paths with .. components in the LC_* and LANG variables. Together with typical OpenSSH configurations (with suitable AcceptEnv settings in sshd_config), this could conceivably be used to bypass ForceCommand restrictions (or restricted shells), assuming the attacker has sufficient level of access to a file system location on the host to create crafted locale definitions there (CVE-2014-0475).

David Reid, Glyph Lefkowitz, and Alex Gaynor discovered a bug where posix_spawn_file_actions_addopen fails to copy the path argument (glibc bz #17048) which can, in conjunction with many common memory management techniques from an application, lead to a use after free, or other vulnerabilities (CVE-2014-4043).

Solution

Update the affected packages.

See Also

http://advisories.mageia.org/MGASA-2014-0314.html

Plugin Details

Severity: High

ID: 77040

File Name: mandriva_MDVSA-2014-152.nasl

Version: 1.7

Type: local

Published: 8/7/2014

Updated: 1/6/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: p-cpe:/a:mandriva:linux:glibc, p-cpe:/a:mandriva:linux:glibc-devel, p-cpe:/a:mandriva:linux:glibc-doc, p-cpe:/a:mandriva:linux:glibc-doc-pdf, p-cpe:/a:mandriva:linux:glibc-i18ndata, p-cpe:/a:mandriva:linux:glibc-profile, p-cpe:/a:mandriva:linux:glibc-static-devel, p-cpe:/a:mandriva:linux:glibc-utils, p-cpe:/a:mandriva:linux:nscd, cpe:/o:mandriva:business_server:1

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/Mandrake/release, Host/Mandrake/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 8/6/2014

Reference Information

CVE: CVE-2014-0475, CVE-2014-4043

BID: 68006, 68505

MDVSA: 2014:152