Solution
Please Install the Updated Packages.
Insight
Multiple vulnerabilities was discovered and fixed in glibc:
Multiple untrusted search path vulnerabilities in elf/dl-object.c in certain modified versions of the GNU C Library (aka glibc or libc6), including glibc-2.5-49.el5_5.6 and glibc-2.12-1.7.el6_0.3 in Red Hat Enterprise Linux, allow local users to gain privileges via a crafted dynamic shared object (DSO) in a subdirectory of the current working directory during execution of a (1) setuid or (2) setgid program that has in (a) RPATH or (b) RUNPATH. NOTE: this issue exists because of an incorrect fix for CVE-2010-3847 (CVE-2011-0536).
The GNU C Library (aka glibc or libc6) before 2.12.2 and Embedded GLIBC (EGLIBC) allow context-dependent attackers to execute arbitrary code or cause a denial of service (memory consumption) via a long UTF8 string that is used in an fnmatch call, aka a stack extension attack, a related issue to CVE-2010-2898, as originally reported for use of this library by Google Chrome (CVE-2011-1071).
The addmntent function in the GNU C Library (aka glibc or libc6) 2.13 and earlier does not report an error status for failed attempts to write to the /etc/mtab file, which makes it easier for local users to trigger corruption of this file, as demonstrated by writes from a process with a small RLIMIT_FSIZE value, a different vulnerability than CVE-2010-0296 (CVE-2011-1089).
locale/programs/locale.c in locale in the GNU C Library (aka glibc or libc6) before 2.13 does not quote its output, which might allow local users to gain privileges via a crafted localization environment variable, in conjunction with a program that executes a script that uses the eval function (CVE-2011-1095).
Integer overflow in posix/fnmatch.c in the GNU C Library (aka glibc or libc6) 2.13 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a long UTF8 string that is used in an fnmatch call with a crafted pattern argument, a different vulnerability than CVE-2011-1071 (CVE-2011-1659).
crypt_blowfish before 1.1, as used in glibc on certain platforms, does not properly handle 8-bit characters, which makes it easier for context-dependent attackers to determine a cleartext password by leveraging knowledge of a password hash (CVE-2011-2483).
The updated packages have been patched to correct these issues.
Affected
glibc on Mandriva Linux 2010.1,
Mandriva Linux 2010.1/X86_64,
Mandriva Enterprise Server 5,
Mandriva Enterprise Server 5/X86_64
Severity
Classification
-
CVE CVE-2010-0296, CVE-2010-2898, CVE-2010-3847, CVE-2011-0536, CVE-2011-1071, CVE-2011-1089, CVE-2011-1095, CVE-2011-1659, CVE-2011-2483 -
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities