Glibc LD_DEBUG Access Error May Disclose Information to Local Users
|
|
SecurityTracker Alert ID: 1010975
|
|
SecurityTracker URL: http://securitytracker.com/id?1010975
|
|
CVE Reference: GENERIC-MAP-NOMATCH
(Links to External Site)
|
Date: Aug 18 2004
|
Impact: Disclosure of system information, Disclosure of user information
|
Fix Available: Yes
Vendor Confirmed: Yes
|
Version(s): 2.3.4 and prior versions
|
Description: A vulnerability was reported in glibc. A local user may be able to gain unauthorized access to information.
Brad Spengler reported that a bug in glibc allows LD_DEBUG on set user id (setuid) binaries in cases where it should not be allowed.
Gentoo
reported that a local user can view the list of symbols a setuid application uses and the locations of those symbols. A local user
may be able to modify a library that takes precedence over those symbols to obtain information.
Silvio Cesare is credited with
discovering this flaw.
|
Impact: A local user may be able to obtain information processed by a setuid application.
|
Solution: The vendor has released a patch (glibc-sec-hotfix-20040804.patch). Individual Linux distribution vendors will be issuing fixed versions for their distributions.
|
Vendor URL: directory.fsf.org/GNU/glibc.html (Links to External Site)
|
Cause: Access control error
|
Underlying OS: Linux (Any)
|
|
Message History:
This archive entry has one or more follow-up message(s) listed below.
|
Source Message Contents
|
Date: Aug 17, 2004
Subject: sys-libs/glibc potential info leak vuln
|
> sys-libs/glibc potential info leak vuln
> There is an issue in Glibc where LD_DEBUG is allowed on suid binaries when it should
> not be. Patch is applied to glibc-2.3.4.20040619-r1, KEYWORDS="-* ~x86 ~mips ~amd64
> ~hppa" ${FILESDIR}/glibc-sec-hotfix-20040804.patch
Silvio Cesare is credited with discovering this flaw.
|
|
