Mandriva Linux Security Advisory 2011-179 - The addmntent function in the GNU C Library 2.13 and earlier does not report an error status for failed attempts to write to the /etc/mtab file, which makes it easier for local users to trigger corruption of this file, as demonstrated by writes from a process with a small RLIMIT_FSIZE value, a different vulnerability than CVE-2010-0296. Integer overflow in posix/fnmatch.c in the GNU C Library (aka glibc or libc6) 2.13 and earlier allows context-dependent attackers to cause a denial of service via a long UTF8 string that is used in an fnmatch call with a crafted pattern argument, a different vulnerability than CVE-2011-1071. crypt_blowfish before 1.1, as used in glibc on certain platforms, does not properly handle 8-bit characters, which makes it easier for context-dependent attackers to determine a cleartext password by leveraging knowledge of a password hash. The updated packages have been patched to correct these issues.
28900655297d1ea4816e5de8820317856a37994a5877afdb6697329afc3ec425-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2011:179
http://www.mandriva.com/security/
_______________________________________________________________________
Package : glibc
Date : November 25, 2011
Affected: 2011.
_______________________________________________________________________
Problem Description:
Multiple vulnerabilities was discovered and fixed in glibc:
The addmntent function in the GNU C Library (aka glibc or libc6) 2.13
and earlier does not report an error status for failed attempts to
write to the /etc/mtab file, which makes it easier for local users
to trigger corruption of this file, as demonstrated by writes from
a process with a small RLIMIT_FSIZE value, a different vulnerability
than CVE-2010-0296 (CVE-2011-1089).
Integer overflow in posix/fnmatch.c in the GNU C Library (aka glibc or
libc6) 2.13 and earlier allows context-dependent attackers to cause a
denial of service (application crash) via a long UTF8 string that is
used in an fnmatch call with a crafted pattern argument, a different
vulnerability than CVE-2011-1071 (CVE-2011-1659).
crypt_blowfish before 1.1, as used in glibc on certain platforms,
does not properly handle 8-bit characters, which makes it easier
for context-dependent attackers to determine a cleartext password by
leveraging knowledge of a password hash (CVE-2011-2483).
The updated packages have been patched to correct these issues.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1089
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1659
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2483
_______________________________________________________________________
Updated Packages:
Mandriva Linux 2011:
dfd50f461cb6f307b28861853146961e 2011/i586/glibc-2.13-6.1-mdv2011.0.i586.rpm
3128b74aaff36aea023ab2b7f04944fe 2011/i586/glibc-devel-2.13-6.1-mdv2011.0.i586.rpm
dac62d6c3020180ace287b4e68af8d41 2011/i586/glibc-doc-2.13-6.1-mdv2011.0.i586.rpm
b33f3c4f60b2f7e83c73bcdfae621298 2011/i586/glibc-doc-pdf-2.13-6.1-mdv2011.0.i586.rpm
bb7ebd801da9537b5a6294178b84d529 2011/i586/glibc-i18ndata-2.13-6.1-mdv2011.0.i586.rpm
d4af688906832f6fe7ce0318327ec7d9 2011/i586/glibc-profile-2.13-6.1-mdv2011.0.i586.rpm
a36cac92c1d95a917722f3efc47d913d 2011/i586/glibc-static-devel-2.13-6.1-mdv2011.0.i586.rpm
5cf50586154cfc0e644ad884f94ee0b3 2011/i586/glibc-utils-2.13-6.1-mdv2011.0.i586.rpm
3c2e20f956724c1d68bd760ddd1bcd9d 2011/i586/nscd-2.13-6.1-mdv2011.0.i586.rpm
b1081b829cb6b3794ba6670768123e96 2011/SRPMS/glibc-2.13-6.1.src.rpm
Mandriva Linux 2011/X86_64:
391fd990fbb899254466dced21383889 2011/x86_64/glibc-2.13-6.1-mdv2011.0.x86_64.rpm
9f9c7f42f7b47e8e3bd64fd3bb16ffce 2011/x86_64/glibc-devel-2.13-6.1-mdv2011.0.x86_64.rpm
c304129f1ddec2b85b598f1c5b1011f1 2011/x86_64/glibc-doc-2.13-6.1-mdv2011.0.x86_64.rpm
99ac80802daaa951f3b29b6f35e52bdc 2011/x86_64/glibc-doc-pdf-2.13-6.1-mdv2011.0.x86_64.rpm
e86e515f66a0a1c516c996640d5a9b63 2011/x86_64/glibc-i18ndata-2.13-6.1-mdv2011.0.x86_64.rpm
75c612f1044a58d3c6ab2321eb24edc5 2011/x86_64/glibc-profile-2.13-6.1-mdv2011.0.x86_64.rpm
885fa15b61932bfdd931ff1e65ff96bd 2011/x86_64/glibc-static-devel-2.13-6.1-mdv2011.0.x86_64.rpm
1c2e24d5e0dc77afb47ed0a9ad1ae75c 2011/x86_64/glibc-utils-2.13-6.1-mdv2011.0.x86_64.rpm
3c8ba07ade4bccefb17f4baa7420e67d 2011/x86_64/nscd-2.13-6.1-mdv2011.0.x86_64.rpm
b1081b829cb6b3794ba6670768123e96 2011/SRPMS/glibc-2.13-6.1.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iD8DBQFOz+LumqjQ0CJFipgRAqAEAKDPmW5r3DzMVa5vtZiAtJ6vWjIuwACdE2Ux
9+IHfi5eLNhDOmrfpK4A8V8=
=BypT
-----END PGP SIGNATURE-----
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed