Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.9
CVSSv2

CVE-2011-0536

Published: 08/04/2011 Updated: 13/02/2023
CVSS v2 Base Score: 6.9 | Impact Score: 10 | Exploitability Score: 3.4
VMScore: 695
Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C
Subscribe to Gnu

Vulnerability Summary

Multiple untrusted search path vulnerabilities in elf/dl-object.c in certain modified versions of the GNU C Library (aka glibc or libc6), including glibc-2.5-49.el5_5.6 and glibc-2.12-1.7.el6_0.3 in Red Hat Enterprise Linux, allow local users to gain privileges via a crafted dynamic shared object (DSO) in a subdirectory of the current working directory during execution of a (1) setuid or (2) setgid program that has $ORIGIN in (a) RPATH or (b) RUNPATH within the program itself or a referenced library. NOTE: this issue exists because of an incorrect fix for CVE-2010-3847.

Vulnerable Product Search on Vulmon Subscribe to Product

gnu glibc 2.5-49.el5_5.6

gnu glibc 2.12-1.7.el6_0.3

redhat enterprise_linux

Vendor Advisories

Debian CVElist Bug Report Logs: eglibc: cve-2010-3847 dynamic linker expands $ORIGIN in setuid library search path
Debian Bug report logs - #600667 eglibc: cve-2010-3847 dynamic linker expands $ORIGIN in setuid library search path Package: eglibc; Maintainer for eglibc is (unknown); Reported by: Michael Gilbert <michaelsgilbert@gmailcom> Date: Mon, 18 Oct 2010 22:57:05 UTC Severity: grave Tags: pending, security, squeeze-ignore Fou ...

Exploits

Exploit DB: GNU C library dynamic linker - '$ORIGIN' Expansion
from: marcinfo/?l=full-disclosure&m=128739684614072&w=2 The GNU C library dynamic linker expands $ORIGIN in setuid library search path ------------------------------------------------------------------------------ Gruezi, This is CVE-2010-3847 The dynamic linker (or dynamic loader) is responsible for the runtime linking of dynam ...

References

NVD-CWE-Otherhttps://launchpad.net/bugs/701783http://secunia.com/advisories/43989http://openwall.com/lists/oss-security/2011/02/01/3http://openwall.com/lists/oss-security/2011/02/03/2http://lists.debian.org/debian-security-announce/2011/msg00005.htmlhttps://bugzilla.redhat.com/show_bug.cgi?id=667974http://www.vupen.com/english/advisories/2011/0863http://www.redhat.com/support/errata/RHSA-2011-0413.htmlhttp://www.ubuntu.com/usn/USN-1009-2http://securitytracker.com/id?1025289http://www.redhat.com/support/errata/RHSA-2011-0412.htmlhttp://secunia.com/advisories/43830http://secunia.com/advisories/46397http://www.vmware.com/security/advisories/VMSA-2011-0012.htmlhttp://www.mandriva.com/security/advisories?name=MDVSA-2011:178https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13086http://www.securityfocus.com/archive/1/520102/100/0/threadedhttp://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=96611391ad8823ba58405325d78cefeae5cdf699https://nvd.nist.govhttps://bugs.debian.org/cgi-bin/bugreport.cgi?bug=600667https://www.exploit-db.com/exploits/15274/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-3675CVE-2024-3400CVE-2024-23557mass assignmentCVE-2023-1389local file inclusionCVE-2024-32596file uploadCVE-2024-32593
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook