CVE-2009-3736

Published: 29/11/2009 Updated: 19/09/2017
CVSS v2 Base Score: 6.9 | Impact Score: 10 | Exploitability Score: 3.4
VMScore: 614
Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Summary

ltdl.c in libltdl in GNU Libtool 1.5.x, and 2.2.6 prior to 2.2.6b, as used in Ham Radio Control Libraries, Q, and possibly other products, attempts to open a .la file in the current working directory, which allows local users to gain privileges via a Trojan horse file.

Vulnerable Product

gnu libtool 1.5.10

gnu libtool 1.5.12

gnu libtool 1.5.14

gnu libtool 1.5

gnu libtool 2.2.6a

gnu libtool 1.5.16

gnu libtool 1.5.18

gnu libtool 1.5.2

gnu libtool 1.5.4

gnu libtool 1.5.20

gnu libtool 1.5.22

gnu libtool 1.5.6

gnu libtool 1.5.8

gnu libtool 1.5.24

gnu libtool 1.5.26

Vendor Advisories

Synopsis: Moderate: gcc and gcc4 security update. Type/Severity: Security Advisory: Moderate. Topic: Updated gcc and gcc4 packages that fix one security issue are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Te ...

Debian Bug report logs - #559797: CVE-2009-3736 local privilege escalation. Package: libtool; Maintainer for libtool is Alastair McKinstry <mckinstry@debianorg>; Source for libtool is src:libtool. Reported by: Michael Gilbert <michaelsgilbert@gmailcom> Date: Mon, 7 Dec 2009 04:48:01 UTC Sever ...

References

NVD-CWE-Other

http://git.savannah.gnu.org/cgit/libtool.git/commit/?h=branch-1-5&id=29b48580df75f0c5baa2962548a4c101ec7ed7ec
http://www.securityfocus.com/bid/37128
ftp://ftp.gnu.org/gnu/libtool/libtool-2.2.6a-2.2.6b.diff.gz
http://lists.gnu.org/archive/html/libtool/2009-11/msg00065.html
http://lists.gnu.org/archive/html/libtool/2009-11/msg00059.html
http://secunia.com/advisories/37489
http://secunia.com/advisories/37414
https://bugzilla.redhat.com/show_bug.cgi?id=537941
http://www.mandriva.com/security/advisories?name=MDVSA-2009:307
https://rhn.redhat.com/errata/RHSA-2010-0095.html
http://www.mandriva.com/security/advisories?name=MDVSA-2010:035
http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035133.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035168.html
http://secunia.com/advisories/38617
http://secunia.com/advisories/38577
http://www.redhat.com/support/errata/RHSA-2010-0039.html
http://secunia.com/advisories/38696
http://support.avaya.com/css/P8/documents/100074869
http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html
http://secunia.com/advisories/38915
http://secunia.com/advisories/38190
http://secunia.com/advisories/39347
http://hamlib.svn.sourceforge.net/viewvc/hamlib/trunk/libltdl/Makefile.am?revision=2841&view=markup
http://secunia.com/advisories/39299
http://www.mandriva.com/security/advisories?name=MDVSA-2010:091
http://www.mandriva.com/security/advisories?name=MDVSA-2010:105
http://secunia.com/advisories/37997
https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01512.html
http://www.vupen.com/english/advisories/2011/0574
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/054656.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/054915.html
http://secunia.com/advisories/43617
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/054921.html
http://secunia.com/advisories/55721
http://security.gentoo.org/glsa/glsa-201311-10.xml
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6951
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11687
https://access.redhat.com/errata/RHSA-2010:0039
https://nvd.nist.gov