#VU45137 Permissions, Privileges, and Access Controls in Glibc - CVE-2011-1095

Cybersecurity Help s.r.o.

Published: 2011-04-10 | Updated: 2020-08-11

Vulnerability identifier: #VU45137

Vulnerability risk: Medium

CVSSv4.0: 4.8 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2011-1095

CWE-ID: CWE-264

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Glibc
Universal components / Libraries / Libraries used by multiple products

Vendor: GNU

Description

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

locale/programs/locale.c in locale in the GNU C Library (aka glibc or libc6) before 2.13 does not quote its output, which might allow local users to gain privileges via a crafted localization environment variable, in conjunction with a program that executes a script that uses the eval function.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Glibc: 1.00 - 2.12.1

External links
https://bugs.gentoo.org/show_bug.cgi?id=330923
https://openwall.com/lists/oss-security/2011/03/08/21
https://openwall.com/lists/oss-security/2011/03/08/22
https://openwall.com/lists/oss-security/2011/03/08/8
https://secunia.com/advisories/43830
https://secunia.com/advisories/43976
https://secunia.com/advisories/43989
https://secunia.com/advisories/46397
https://security.gentoo.org/glsa/glsa-201011-01.xml
https://securitytracker.com/id?1025286
https://sources.redhat.com/bugzilla/show_bug.cgi?id=11904
https://sourceware.org/bugzilla/show_bug.cgi?id=11904
https://sourceware.org/git/?p=glibc.git;a=patch;h=026373745eab50a683536d950cb7e17dc98c4259
https://www.mandriva.com/security/advisories?name=MDVSA-2011:178
https://www.redhat.com/support/errata/RHSA-2011-0412.html
https://www.redhat.com/support/errata/RHSA-2011-0413.html
https://www.securityfocus.com/archive/1/520102/100/0/threaded
https://www.vmware.com/security/advisories/VMSA-2011-0012.html
https://www.vupen.com/english/advisories/2011/0863
https://bugzilla.redhat.com/show_bug.cgi?id=625893
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12272

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in GNU Glibc