Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.9
CVSSv2

CVE-2009-5064

Published: 30/03/2011 Updated: 11/04/2024
CVSS v2 Base Score: 6.9 | Impact Score: 10 | Exploitability Score: 3.4
VMScore: 614
Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C
Subscribe to Glibc

Vulnerability Summary

ldd in the GNU C Library (aka glibc or libc6) 2.13 and previous versions allows local users to gain privileges via a Trojan horse executable file linked with a modified loader that omits certain LD_TRACE_LOADED_OBJECTS checks. NOTE: the GNU C Library vendor states "This is just nonsense. There are a gazillion other ways to introduce code if people are downloading arbitrary binaries and install them in appropriate directories or set LD_LIBRARY_PATH etc.

Vulnerable Product Search on Vulmon Subscribe to Product

gnu glibc 2.1.2

gnu glibc 2.0.5

gnu glibc 2.0.6

gnu glibc 1.00

gnu glibc 1.06

gnu glibc 2.1.1

gnu glibc 1.02

gnu glibc 2.0.3

gnu glibc 1.07

gnu glibc 2.0

gnu glibc 2.1.1.6

gnu glibc 1.04

gnu glibc 1.01

gnu glibc 2.1

gnu glibc

gnu glibc 1.09.1

gnu glibc 2.0.1

gnu glibc 1.09

gnu glibc 2.0.4

gnu glibc 2.0.2

gnu glibc 1.03

gnu glibc 1.08

gnu glibc 1.05

Vendor Advisories

Red Hat: Low: glibc security, bug fix, and enhancement update
Synopsis Low: glibc security, bug fix, and enhancement update Type/Severity Security Advisory: Low Topic Updated glibc packages that fix two security issues, several bugs, and addvarious enhancements are now available for Red Hat Enterprise Linux 6The Red Hat Security Response Team has rated this update as ...
Red Hat: Moderate: glibc security and bug fix update
Synopsis Moderate: glibc security and bug fix update Type/Severity Security Advisory: Moderate Topic Updated glibc packages that fix multiple security issues and one bug arenow available for Red Hat Enterprise Linux 4The Red Hat Security Response Team has rated this update as having moderatesecurity impact ...
Red Hat: Moderate: glibc security update
Synopsis Moderate: glibc security update Type/Severity Security Advisory: Moderate Topic Updated glibc packages that fix multiple security issues are now availablefor Red Hat Enterprise Linux 5The Red Hat Security Response Team has rated this update as having moderatesecurity impact Common Vulnerability S ...

References

CWE-264https://bugzilla.redhat.com/show_bug.cgi?id=682998http://openwall.com/lists/oss-security/2011/03/08/2https://bugzilla.redhat.com/show_bug.cgi?id=531160http://www.catonmat.net/blog/ldd-arbitrary-code-execution/http://openwall.com/lists/oss-security/2011/03/07/10http://openwall.com/lists/oss-security/2011/03/07/13http://openwall.com/lists/oss-security/2011/03/08/10http://reverse.lostrealm.com/protect/ldd.htmlhttp://openwall.com/lists/oss-security/2011/03/07/7http://openwall.com/lists/oss-security/2011/03/08/3http://openwall.com/lists/oss-security/2011/03/08/1http://openwall.com/lists/oss-security/2011/03/08/7http://www.redhat.com/support/errata/RHSA-2011-1526.htmlhttps://access.redhat.com/errata/RHSA-2011:1526https://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700CVE-2022-48689CVE-2024-27956CVE-2023-6363SQLNULL pointer dereferenceCVE-2023-41830CVE-2015-2051arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook