Buffer overflow in GNU Glibc



| Updated: 2020-08-08
Risk Low
Patch available YES
Number of vulnerabilities 1
CVE-ID CVE-2017-1000409
CWE-ID CWE-119
Exploitation vector Local
Public exploit Public exploit code for vulnerability #1 is available.
Vulnerable software
 Glibc
Universal components / Libraries / Libraries used by multiple products

Vendor GNU

Security Bulletin

This security bulletin contains one low risk vulnerability.

1) Buffer overflow

EUVDB-ID: #VU37575

Risk: Low

CVSSv4.0: 6.4 [CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear]

CVE-ID: CVE-2017-1000409

CWE-ID: CWE-119 - Memory corruption

Exploit availability: Yes

Description

The vulnerability allows a local authenticated user to execute arbitrary code.

A buffer overflow in glibc 2.5 (released on September 29, 2006) and can be triggered through the LD_LIBRARY_PATH environment variable. Please note that many versions of glibc are not vulnerable to this issue if patched for CVE-2017-1000366.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Glibc: 2.5

CPE2.3 External links

https://seclists.org/oss-sec/2017/q4/385
https://security.netapp.com/advisory/ntap-20190404-0003/
https://www.exploit-db.com/exploits/43331/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.



###SIDEBAR###