Vulnerabilities > CVE-2009-3736 - Local Privilege Escalation vulnerability in GNU Libtool 'libltdl' Library Search Path
Attack vector
LOCAL Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
ltdl.c in libltdl in GNU Libtool 1.5.x, and 2.2.6 before 2.2.6b, as used in Ham Radio Control Libraries, Q, and possibly other products, attempts to open a .la file in the current working directory, which allows local users to gain privileges via a Trojan horse file.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 15 |
Nessus
NASL family Fedora Local Security Checks NASL id FEDORA_2009-12813.NASL description - Tue Dec 22 2009 Jakub Jelinek <jakub at redhat.com> 4.4.2-20 - fix MEM_SIZE of reload created stack slots (#548825, PR rtl-optimization/42429) - fix addition of one character long filenames in fastjar (#549493) - Thu Dec 17 2009 Jakub Jelinek <jakub at redhat.com> 4.4.2-18 - update from gcc-4_4-branch - PRs c++/42387 - another C++ virtual dtors fix (PR c++/42386) - VTA mode and COND_EXEC fixes (PR debug/41679) - fix ICE in chrec_convert_1 (#547775) - fix debuginfo for optimized out TLS vars - use DW_AT_location with DW_OP_addr + DW_OP_stack_value instead of DW_AT_const_value with address in it, use DW_OP_addr + DW_OP_stack_value instead of DW_OP_implicit_value with address (#546017) - Mon Dec 14 2009 Jakub Jelinek <jakub at redhat.com> 4.4.2-17 - propagate TREE_NOTHROW/TREE_READONLY/DECL_PURE_P from ipa-pure-const and EH opt to all same body aliases (#547286) - don last seen 2020-06-01 modified 2020-06-02 plugin id 43612 published 2009-12-30 reporter This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/43612 title Fedora 12 : gcc-4.4.2-20.fc12 (2009-12813) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Fedora Security Advisory 2009-12813. # include("compat.inc"); if (description) { script_id(43612); script_version("1.14"); script_cvs_date("Date: 2019/08/02 13:32:29"); script_cve_id("CVE-2009-3736"); script_bugtraq_id(37128); script_xref(name:"FEDORA", value:"2009-12813"); script_name(english:"Fedora 12 : gcc-4.4.2-20.fc12 (2009-12813)"); script_summary(english:"Checks rpm output for the updated package."); script_set_attribute( attribute:"synopsis", value:"The remote Fedora host is missing a security update." ); script_set_attribute( attribute:"description", value: " - Tue Dec 22 2009 Jakub Jelinek <jakub at redhat.com> 4.4.2-20 - fix MEM_SIZE of reload created stack slots (#548825, PR rtl-optimization/42429) - fix addition of one character long filenames in fastjar (#549493) - Thu Dec 17 2009 Jakub Jelinek <jakub at redhat.com> 4.4.2-18 - update from gcc-4_4-branch - PRs c++/42387 - another C++ virtual dtors fix (PR c++/42386) - VTA mode and COND_EXEC fixes (PR debug/41679) - fix ICE in chrec_convert_1 (#547775) - fix debuginfo for optimized out TLS vars - use DW_AT_location with DW_OP_addr + DW_OP_stack_value instead of DW_AT_const_value with address in it, use DW_OP_addr + DW_OP_stack_value instead of DW_OP_implicit_value with address (#546017) - Mon Dec 14 2009 Jakub Jelinek <jakub at redhat.com> 4.4.2-17 - propagate TREE_NOTHROW/TREE_READONLY/DECL_PURE_P from ipa-pure-const and EH opt to all same body aliases (#547286) - don't emit DWARF location list entries with no location or DW_AT_location with empty blocks (PR debug/41473) - fix up AMD LWP support - don't crash when mangling C++ decls inside of middle-end generated functions (PR c++/41183) - Fri Dec 11 2009 Jakub Jelinek <jakub at redhat.com> 4.4.2-16 - update from gcc-4_4-branch - PRs c++/27425, c++/34274, c++/42301, fortran/42268, java/41991, libstdc++/42273, rtl-optimization/41574, target/41196, target/41939 target/42263 - Wed Dec 9 2009 Jakub Jelinek <jakub at redhat.com> 4.4.2-15 - VTA backports - PRs debug/42166, debug/42234, debug/42244, debug/42299 - fix handling of C++ COMDAT virtual destructors - some x86/x86_64 FMA4, XOP, ABM and LWP fixes - fix a decltype handling bug in templates (PR c++/42277) - Fri Dec 4 2009 Jakub Jelinek <jakub at redhat.com> 4.4.2-14 - update from gcc-4_4-branch - PRs libstdc++/42261, middle-end/42049 - backport C++0x ICE fix from trunk (PR c++/42266) - fortran !$omp workshare improvements (PR fortran/35423) - FMA4 and XOP fixes - Wed Dec 2 2009 Jakub Jelinek <jakub at redhat.com> 4.4.2-13 - fix security issues in libltdl bundled within libgcj (CVE-2009-3736) - Wed Dec 2 2009 Jakub Jelinek <jakub at redhat.com> 4.4.2-12 - update from gcc-4_4-branch - PRs c++/42234, fortran/41278, fortran/41807, fortran/42162, target/42113, target/42165 - don't ICE on -O256 (#539923) - fix -mregnames on ppc/ppc64 - optimize even COMDAT constructors and destructors without virtual bases (PR c++/3187) - Mon Nov 23 2009 Jakub Jelinek <jakub at redhat.com> 4.4.2-11 [plus 32 lines in the Changelog] Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=537941" ); # https://lists.fedoraproject.org/pipermail/package-announce/2009-December/033321.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?aa4ac9dc" ); script_set_attribute(attribute:"solution", value:"Update the affected gcc package."); script_set_cvss_base_vector("CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:gcc"); script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:12"); script_set_attribute(attribute:"vuln_publication_date", value:"2009/11/29"); script_set_attribute(attribute:"patch_publication_date", value:"2009/12/07"); script_set_attribute(attribute:"plugin_publication_date", value:"2009/12/30"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Fedora Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora"); os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora"); os_ver = os_ver[1]; if (! ereg(pattern:"^12([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 12.x", "Fedora " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu); flag = 0; if (rpm_check(release:"FC12", reference:"gcc-4.4.2-20.fc12")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "gcc"); }NASL family SuSE Local Security Checks NASL id SUSE_11_LIBLTDL7-091201.NASL description libtool: libltdl may load modules from the current working directory. CVE-2009-3736 has been assigned to this issue. last seen 2020-06-01 modified 2020-06-02 plugin id 43633 published 2010-01-05 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/43633 title SuSE 11 Security Update : libtool (SAT Patch Number 1626) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from SuSE 11 update information. The text itself is # copyright (C) Novell, Inc. # include("compat.inc"); if (description) { script_id(43633); script_version("1.9"); script_cvs_date("Date: 2019/10/25 13:36:35"); script_cve_id("CVE-2009-3736"); script_name(english:"SuSE 11 Security Update : libtool (SAT Patch Number 1626)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote SuSE 11 host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "libtool: libltdl may load modules from the current working directory. CVE-2009-3736 has been assigned to this issue." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=556122" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2009-3736.html" ); script_set_attribute(attribute:"solution", value:"Apply SAT patch number 1626."); script_set_cvss_base_vector("CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:libltdl7"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:libltdl7-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:libtool"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:libtool-32bit"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11"); script_set_attribute(attribute:"patch_publication_date", value:"2009/12/01"); script_set_attribute(attribute:"plugin_publication_date", value:"2010/01/05"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2010-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release !~ "^(SLED|SLES)11") audit(AUDIT_OS_NOT, "SuSE 11"); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SuSE 11", cpu); pl = get_kb_item("Host/SuSE/patchlevel"); if (pl) audit(AUDIT_OS_NOT, "SuSE 11.0"); flag = 0; if (rpm_check(release:"SLED11", sp:0, cpu:"i586", reference:"libltdl7-2.2.6-2.131.1")) flag++; if (rpm_check(release:"SLED11", sp:0, cpu:"x86_64", reference:"libltdl7-2.2.6-2.131.1")) flag++; if (rpm_check(release:"SLED11", sp:0, cpu:"x86_64", reference:"libltdl7-32bit-2.2.6-2.131.1")) flag++; if (rpm_check(release:"SLES11", sp:0, reference:"libltdl7-2.2.6-2.131.1")) flag++; if (rpm_check(release:"SLES11", sp:0, reference:"libtool-2.2.6-2.131.1")) flag++; if (rpm_check(release:"SLES11", sp:0, cpu:"s390x", reference:"libltdl7-32bit-2.2.6-2.131.1")) flag++; if (rpm_check(release:"SLES11", sp:0, cpu:"s390x", reference:"libtool-32bit-2.2.6-2.131.1")) flag++; if (rpm_check(release:"SLES11", sp:0, cpu:"x86_64", reference:"libltdl7-32bit-2.2.6-2.131.1")) flag++; if (rpm_check(release:"SLES11", sp:0, cpu:"x86_64", reference:"libtool-32bit-2.2.6-2.131.1")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");NASL family Mandriva Local Security Checks NASL id MANDRIVA_MDVSA-2009-318.NASL description Multiple security vulnerabilities has been identified and fixed in xmlsec1 : A missing check for the recommended minimum length of the truncated form of HMAC-based XML signatures was found in xmlsec1 prior to 1.2.12. An attacker could use this flaw to create a specially crafted XML file that forges an XML signature, allowing the attacker to bypass authentication that is based on the XML Signature specification (CVE-2009-0217). All versions of libtool prior to 2.2.6b suffers from a local privilege escalation vulnerability that could be exploited under certain conditions to load arbitrary code (CVE-2009-3736). Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers This update fixes this vulnerability. last seen 2020-06-01 modified 2020-06-02 plugin id 43021 published 2009-12-07 reporter This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/43021 title Mandriva Linux Security Advisory : xmlsec1 (MDVSA-2009:318) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Mandriva Linux Security Advisory MDVSA-2009:318. # The text itself is copyright (C) Mandriva S.A. # include("compat.inc"); if (description) { script_id(43021); script_version("1.17"); script_cvs_date("Date: 2019/08/02 13:32:52"); script_cve_id("CVE-2009-0217", "CVE-2009-3736"); script_bugtraq_id(35671, 37128); script_xref(name:"CERT", value:"466161"); script_xref(name:"MDVSA", value:"2009:318"); script_name(english:"Mandriva Linux Security Advisory : xmlsec1 (MDVSA-2009:318)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value: "The remote Mandriva Linux host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "Multiple security vulnerabilities has been identified and fixed in xmlsec1 : A missing check for the recommended minimum length of the truncated form of HMAC-based XML signatures was found in xmlsec1 prior to 1.2.12. An attacker could use this flaw to create a specially crafted XML file that forges an XML signature, allowing the attacker to bypass authentication that is based on the XML Signature specification (CVE-2009-0217). All versions of libtool prior to 2.2.6b suffers from a local privilege escalation vulnerability that could be exploited under certain conditions to load arbitrary code (CVE-2009-3736). Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers This update fixes this vulnerability." ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64xmlsec1-1"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64xmlsec1-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64xmlsec1-gnutls-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64xmlsec1-gnutls1"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64xmlsec1-nss-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64xmlsec1-nss1"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64xmlsec1-openssl-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64xmlsec1-openssl1"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libxmlsec1-1"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libxmlsec1-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libxmlsec1-gnutls-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libxmlsec1-gnutls1"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libxmlsec1-nss-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libxmlsec1-nss1"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libxmlsec1-openssl-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libxmlsec1-openssl1"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:xmlsec1"); script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2008.0"); script_set_attribute(attribute:"patch_publication_date", value:"2009/12/05"); script_set_attribute(attribute:"plugin_publication_date", value:"2009/12/07"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Mandriva Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux"); if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu); flag = 0; if (rpm_check(release:"MDK2008.0", cpu:"x86_64", reference:"lib64xmlsec1-1-1.2.10-5.1mdv2008.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2008.0", cpu:"x86_64", reference:"lib64xmlsec1-devel-1.2.10-5.1mdv2008.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2008.0", cpu:"x86_64", reference:"lib64xmlsec1-gnutls-devel-1.2.10-5.1mdv2008.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2008.0", cpu:"x86_64", reference:"lib64xmlsec1-gnutls1-1.2.10-5.1mdv2008.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2008.0", cpu:"x86_64", reference:"lib64xmlsec1-nss-devel-1.2.10-5.1mdv2008.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2008.0", cpu:"x86_64", reference:"lib64xmlsec1-nss1-1.2.10-5.1mdv2008.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2008.0", cpu:"x86_64", reference:"lib64xmlsec1-openssl-devel-1.2.10-5.1mdv2008.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2008.0", cpu:"x86_64", reference:"lib64xmlsec1-openssl1-1.2.10-5.1mdv2008.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2008.0", cpu:"i386", reference:"libxmlsec1-1-1.2.10-5.1mdv2008.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2008.0", cpu:"i386", reference:"libxmlsec1-devel-1.2.10-5.1mdv2008.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2008.0", cpu:"i386", reference:"libxmlsec1-gnutls-devel-1.2.10-5.1mdv2008.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2008.0", cpu:"i386", reference:"libxmlsec1-gnutls1-1.2.10-5.1mdv2008.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2008.0", cpu:"i386", reference:"libxmlsec1-nss-devel-1.2.10-5.1mdv2008.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2008.0", cpu:"i386", reference:"libxmlsec1-nss1-1.2.10-5.1mdv2008.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2008.0", cpu:"i386", reference:"libxmlsec1-openssl-devel-1.2.10-5.1mdv2008.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2008.0", cpu:"i386", reference:"libxmlsec1-openssl1-1.2.10-5.1mdv2008.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2008.0", reference:"xmlsec1-1.2.10-5.1mdv2008.0", yank:"mdv")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");NASL family Fedora Local Security Checks NASL id FEDORA_2009-12725.NASL description - Thu Dec 3 2009 Karsten Hopp <karsten at redhat.com> 2.2.6-11.3 - require gcc-4.4.1 from F-11-updates - Wed Dec 2 2009 Karsten Hopp <karsten at redhat.com> 2.2.6-11.2 - update to 2.2.6b, fixes CVE-2009-3736: libltdl may load and execute code from a library in the current directory - Thu Jul 30 2009 Jakub Jelinek <jakub at redhat.com> 2.2.6-11.fc11.1 - rebuilt against gcc-4.4.1 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 43372 published 2009-12-22 reporter This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/43372 title Fedora 11 : libtool-2.2.6-11.fc11.3 (2009-12725) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Fedora Security Advisory 2009-12725. # include("compat.inc"); if (description) { script_id(43372); script_version("1.13"); script_cvs_date("Date: 2019/08/02 13:32:29"); script_cve_id("CVE-2009-3736"); script_bugtraq_id(37128); script_xref(name:"FEDORA", value:"2009-12725"); script_name(english:"Fedora 11 : libtool-2.2.6-11.fc11.3 (2009-12725)"); script_summary(english:"Checks rpm output for the updated package."); script_set_attribute( attribute:"synopsis", value:"The remote Fedora host is missing a security update." ); script_set_attribute( attribute:"description", value: " - Thu Dec 3 2009 Karsten Hopp <karsten at redhat.com> 2.2.6-11.3 - require gcc-4.4.1 from F-11-updates - Wed Dec 2 2009 Karsten Hopp <karsten at redhat.com> 2.2.6-11.2 - update to 2.2.6b, fixes CVE-2009-3736: libltdl may load and execute code from a library in the current directory - Thu Jul 30 2009 Jakub Jelinek <jakub at redhat.com> 2.2.6-11.fc11.1 - rebuilt against gcc-4.4.1 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=537941" ); # https://lists.fedoraproject.org/pipermail/package-announce/2009-December/032899.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?698d80b8" ); script_set_attribute( attribute:"solution", value:"Update the affected libtool package." ); script_set_cvss_base_vector("CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:libtool"); script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:11"); script_set_attribute(attribute:"patch_publication_date", value:"2009/12/04"); script_set_attribute(attribute:"plugin_publication_date", value:"2009/12/22"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Fedora Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora"); os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora"); os_ver = os_ver[1]; if (! ereg(pattern:"^11([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 11.x", "Fedora " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu); flag = 0; if (rpm_check(release:"FC11", reference:"libtool-2.2.6-11.fc11.3")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libtool"); }NASL family FreeBSD Local Security Checks NASL id FREEBSD_PKG_77C14729DC5E11DE92AE02E0184B8D35.NASL description Secunia.com Do not attempt to load an unqualified module.la file from the current directory (by default) since doing so is insecure and is not compliant with the documentation. last seen 2020-06-01 modified 2020-06-02 plugin id 42912 published 2009-11-30 reporter This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/42912 title FreeBSD : libtool -- Library Search Path Privilege Escalation Issue (77c14729-dc5e-11de-92ae-02e0184b8d35) NASL family Fedora Local Security Checks NASL id FEDORA_2010-4340.NASL description Remove embedded ltdl to fix CVE-2009-3736 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 47356 published 2010-07-01 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/47356 title Fedora 13 : gnu-smalltalk-3.1-8.fc13 (2010-4340) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2010-0039.NASL description Updated gcc and gcc4 packages that fix one security issue are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The gcc and gcc4 packages include, among others, C, C++, and Java GNU compilers and related support libraries. libgcj contains a copy of GNU Libtool last seen 2020-06-01 modified 2020-06-02 plugin id 43882 published 2010-01-14 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/43882 title RHEL 3 / 4 / 5 : gcc and gcc4 (RHSA-2010:0039) NASL family Fedora Local Security Checks NASL id FEDORA_2011-1990.NASL description Rebuilt against system libltdl. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 52519 published 2011-03-03 reporter This script is Copyright (C) 2011-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/52519 title Fedora 15 : q-7.11-10.fc15 (2011-1990) NASL family SuSE Local Security Checks NASL id SUSE_11_2_LIBLTDL-3-091202.NASL description libtool: libltdl may load modules from the current working directory. CVE-2009-3736 has been assigned to this issue. last seen 2020-06-01 modified 2020-06-02 plugin id 43632 published 2010-01-05 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/43632 title openSUSE Security Update : libltdl-3 (libltdl-3-1638) NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201311-10.NASL description The remote host is affected by the vulnerability described in GLSA-201311-10 (GraphicsMagick: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in GraphicsMagick. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could entice a user to open a specially crafted image file, potentially resulting in arbitrary code execution or a Denial of Service condition. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 70959 published 2013-11-19 reporter This script is Copyright (C) 2013-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/70959 title GLSA-201311-10 : GraphicsMagick: Multiple vulnerabilities NASL family VMware ESX Local Security Checks NASL id VMWARE_VMSA-2010-0009.NASL description a. Service Console update for COS kernel Updated COS package last seen 2020-06-01 modified 2020-06-02 plugin id 46765 published 2010-06-01 reporter This script is Copyright (C) 2010-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/46765 title VMSA-2010-0009 : ESXi ntp and ESX Service Console third-party updates NASL family Fedora Local Security Checks NASL id FEDORA_2010-8756.NASL description This update addresses CVE-2009-3736: libltdl may load and execute code from a library in the current directory. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 47511 published 2010-07-01 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/47511 title Fedora 12 : libprelude-0.9.24.1-2.fc12 (2010-8756) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2009-1646.NASL description Updated libtool packages that fix one security issue are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. GNU Libtool is a set of shell scripts which automatically configure UNIX, Linux, and similar operating systems to generically build shared libraries. A flaw was found in the way GNU Libtool last seen 2020-06-01 modified 2020-06-02 plugin id 43078 published 2009-12-09 reporter This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/43078 title RHEL 3 / 4 / 5 : libtool (RHSA-2009:1646) NASL family SuSE Local Security Checks NASL id SUSE_11_1_LIBLTDL-3-091201.NASL description libtool: libltdl may load modules from the current working directory. CVE-2009-3736 has been assigned to this issue. last seen 2020-06-01 modified 2020-06-02 plugin id 43630 published 2010-01-05 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/43630 title openSUSE Security Update : libltdl-3 (libltdl-3-1638) NASL family Scientific Linux Local Security Checks NASL id SL_20091208_LIBTOOL_ON_SL3_X.NASL description CVE-2009-3736 libtool: libltdl may load and execute code from a library in the current directory A flaw was found in the way GNU Libtool last seen 2020-06-01 modified 2020-06-02 plugin id 60702 published 2012-08-01 reporter This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/60702 title Scientific Linux Security Update : libtool on SL3.x, SL4.x, SL5.x i386/x86_64 NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2009-1646.NASL description Updated libtool packages that fix one security issue are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. GNU Libtool is a set of shell scripts which automatically configure UNIX, Linux, and similar operating systems to generically build shared libraries. A flaw was found in the way GNU Libtool last seen 2020-06-01 modified 2020-06-02 plugin id 43070 published 2009-12-09 reporter This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/43070 title CentOS 3 / 4 / 5 : libtool (CESA-2009:1646) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2010-0039.NASL description From Red Hat Security Advisory 2010:0039 : Updated gcc and gcc4 packages that fix one security issue are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The gcc and gcc4 packages include, among others, C, C++, and Java GNU compilers and related support libraries. libgcj contains a copy of GNU Libtool last seen 2020-06-01 modified 2020-06-02 plugin id 67985 published 2013-07-12 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/67985 title Oracle Linux 3 / 4 / 5 : gcc / gcc4 (ELSA-2010-0039) NASL family VMware ESX Local Security Checks NASL id VMWARE_VMSA-2010-0009_REMOTE.NASL description The remote VMware ESX / ESXi host is missing a security-related patch. It is, therefore, affected by multiple vulnerabilities, including remote code execution vulnerabilities, in several components and third-party libraries : - libpng - VMnc Codec - vmrun - VMware Remote Console (VMrc) - VMware Tools - vmware-authd last seen 2020-06-01 modified 2020-06-02 plugin id 89740 published 2016-03-08 reporter This script is Copyright (C) 2016-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/89740 title VMware ESX / ESXi Third-Party Libraries and Components (VMSA-2010-0009) (remote check) NASL family Mandriva Local Security Checks NASL id MANDRIVA_MDVSA-2010-035.NASL description This updates provides a new OpenOffice.org version 3.1.1. It holds security and bug fixes described as follow : An integer underflow might allow remote attackers to execute arbitrary code via crafted records in the document table of a Word document, leading to a heap-based buffer overflow (CVE-2009-0200). A heap-based buffer overflow might allow remote attackers to execute arbitrary code via unspecified records in a crafted Word document, related to table parsing (CVE-2009-0201). A heap-based buffer overflow allows remote attackers to execute arbitrary code via a crafted EMF file (CVE-2009-2139). Multiple heap-based buffer overflows allow remote attackers to execute arbitrary code via a crafted EMF+ file (CVE-2009-2140). OpenOffice last seen 2020-06-01 modified 2020-06-02 plugin id 48172 published 2010-07-30 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/48172 title Mandriva Linux Security Advisory : openoffice.org (MDVSA-2010:035) NASL family Fedora Local Security Checks NASL id FEDORA_2010-4352.NASL description - Thu Mar 11 2010 Lucian Langa <cooly at gnome.eu.org> - 1.2.8-4 - kill rpath - use system ltdl (#563975) - fix documents install - misc cleanups Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 47358 published 2010-07-01 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/47358 title Fedora 11 : hamlib-1.2.8-4.fc11 (2010-4352) NASL family Fedora Local Security Checks NASL id FEDORA_2010-4339.NASL description Remove embedded ltdl to fix CVE-2009-3736 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 47355 published 2010-07-01 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/47355 title Fedora 12 : gnu-smalltalk-3.1-8.fc12 (2010-4339) NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201412-08.NASL description The remote host is affected by the vulnerability described in GLSA-201412-08 (Multiple packages, Multiple vulnerabilities fixed in 2010) Vulnerabilities have been discovered in the packages listed below. Please review the CVE identifiers in the Reference section for details. Insight Perl Tk Module Source-Navigator Tk Partimage Mlmmj acl Xinit gzip ncompress liblzw splashutils GNU M4 KDE Display Manager GTK+ KGet dvipng Beanstalk Policy Mount pam_krb5 GNU gv LFTP Uzbl Slim Bitdefender Console iputils DVBStreamer Impact : A context-dependent attacker may be able to gain escalated privileges, execute arbitrary code, cause Denial of Service, obtain sensitive information, or otherwise bypass security restrictions. Workaround : There are no known workarounds at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 79961 published 2014-12-15 reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/79961 title GLSA-201412-08 : Multiple packages, Multiple vulnerabilities fixed in 2010 NASL family Mandriva Local Security Checks NASL id MANDRIVA_MDVSA-2010-056.NASL description This update provides the OpenOffice.org 3.0 major version and holds the security fixes for the following issues : An integer underflow might allow remote attackers to execute arbitrary code via crafted records in the document table of a Word document leading to a heap-based buffer overflow (CVE-2009-0200). An heap-based buffer overflow might allow remote attackers to execute arbitrary code via unspecified records in a crafted Word document related to table parsing. (CVE-2009-0201). Multiple heap-based buffer overflows allow remote attackers to execute arbitrary code via a crafted EMF+ file (CVE-2009-2140). OpenOffice last seen 2020-06-01 modified 2020-06-02 plugin id 44996 published 2010-03-08 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/44996 title Mandriva Linux Security Advisory : openoffice.org (MDVSA-2010:056) NASL family SuSE Local Security Checks NASL id SUSE_11_0_LIBLTDL-3-091201.NASL description libtool: libltdl may load modules from the current working directory. CVE-2009-3736 has been assigned to this issue. last seen 2020-06-01 modified 2020-06-02 plugin id 43629 published 2010-01-05 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/43629 title openSUSE Security Update : libltdl-3 (libltdl-3-1638) NASL family Mandriva Local Security Checks NASL id MANDRIVA_MDVSA-2009-307.NASL description A vulnerability was discovered and corrected in libtool : All versions of libtool prior to 2.2.6b suffers from a local privilege escalation vulnerability that could be exploited under certain conditions to load arbitrary code (CVE-2009-3736). This advisory fixes this issue. Additionally, all applications embedding the libtool code were patched in order to avoid possible future exploitations of this issue. Update : Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers last seen 2020-06-01 modified 2020-06-02 plugin id 42943 published 2009-12-01 reporter This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/42943 title Mandriva Linux Security Advisory : libtool (MDVSA-2009:307-1) NASL family Fedora Local Security Checks NASL id FEDORA_2010-4407.NASL description - Thu Mar 11 2010 Lucian Langa <cooly at gnome.eu.org> - 1.2.10-2 - kill rpath - misc cleanups - use system ltdl (#563975) - Sat Nov 7 2009 Lucian Langa <cooly at gnome.eu.org> - 1.2.10-1 - new upstream release Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 47361 published 2010-07-01 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/47361 title Fedora 12 : hamlib-1.2.10-2.fc12 (2010-4407) NASL family Debian Local Security Checks NASL id DEBIAN_DSA-1958.NASL description It was discovered that ltdl, a system-independent dlopen wrapper for GNU libtool, can be tricked to load and run modules from an arbitrary directory, which might be used to execute arbitrary code with the privileges of the user running an application that uses libltdl. last seen 2020-06-01 modified 2020-06-02 plugin id 44823 published 2010-02-24 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/44823 title Debian DSA-1958-1 : libtool - privilege escalation NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2009-1646.NASL description From Red Hat Security Advisory 2009:1646 : Updated libtool packages that fix one security issue are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. GNU Libtool is a set of shell scripts which automatically configure UNIX, Linux, and similar operating systems to generically build shared libraries. A flaw was found in the way GNU Libtool last seen 2020-06-01 modified 2020-06-02 plugin id 67968 published 2013-07-12 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/67968 title Oracle Linux 3 / 4 / 5 : libtool (ELSA-2009-1646) NASL family Fedora Local Security Checks NASL id FEDORA_2010-3216.NASL description This update patches the bundled copy of libltdl library which was vulnerable to CVE-2009-3736. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 47301 published 2010-07-01 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/47301 title Fedora 12 : esorex-3.7.2-5.fc12 (2010-3216) NASL family Fedora Local Security Checks NASL id FEDORA_2010-4098.NASL description This update patches the bundled copy of libltdl library which was vulnerable to CVE-2009-3736. This update allows esorex to be built with the new ImplicitDSOLinking behaviour of F-13 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 47338 published 2010-07-01 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/47338 title Fedora 13 : esorex-3.7.2-6.fc13 (2010-4098) NASL family Fedora Local Security Checks NASL id FEDORA_2010-1872.NASL description Fix package so that it uses the system copy of libtool-ltdl, and get rid of the ancient embedded copy, which suffers from the vulnerability in CVE-2009-3736. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 47280 published 2010-07-01 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/47280 title Fedora 12 : gambas-1.0.19-12.fc12 (2010-1872) NASL family Mandriva Local Security Checks NASL id MANDRIVA_MDVSA-2010-075.NASL description This updates provides a security update to the OpenOffice.org described as follow : OpenOffice last seen 2020-06-01 modified 2020-06-02 plugin id 48178 published 2010-07-30 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/48178 title Mandriva Linux Security Advisory : openoffice.org (MDVSA-2010:075) NASL family Fedora Local Security Checks NASL id FEDORA_2010-1924.NASL description Fix package so that it uses the system copy of libtool-ltdl, and get rid of the ancient embedded copy, which suffers from the vulnerability in CVE-2009-3736. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 47283 published 2010-07-01 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/47283 title Fedora 11 : gambas-1.0.19-12.fc11 (2010-1924) NASL family SuSE Local Security Checks NASL id SUSE_LIBTOOL-6683.NASL description libtool: libltdl may load modules from the current working directory. CVE-2009-3736 has been assigned to this issue. last seen 2020-06-01 modified 2020-06-02 plugin id 49884 published 2010-10-11 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/49884 title SuSE 10 Security Update : libtool (ZYPP Patch Number 6683) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2010-0039.NASL description Updated gcc and gcc4 packages that fix one security issue are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The gcc and gcc4 packages include, among others, C, C++, and Java GNU compilers and related support libraries. libgcj contains a copy of GNU Libtool last seen 2020-06-01 modified 2020-06-02 plugin id 44027 published 2010-01-15 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/44027 title CentOS 3 / 4 / 5 : gcc / gcc4 (CESA-2010:0039) NASL family Fedora Local Security Checks NASL id FEDORA_2010-1820.NASL description This update makes Gnash use the system version of the libltdl library instead of the bundled copy which was vulnerable to CVE-2009-3736. An update to the system libltdl fixing CVE-2009-3736 was issued on December 29, 2009. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 47273 published 2010-07-01 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/47273 title Fedora 12 : gnash-0.8.6-13.fc12 (2010-1820) NASL family Fedora Local Security Checks NASL id FEDORA_2010-2341.NASL description Not sure whether mingw32-libltdl (due to its special nature in being for cross- compilation development for an entirely different system) is actually affected by CVE-2009-3736, but this should make sure everything is fixed. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 47290 published 2010-07-01 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/47290 title Fedora 12 : mingw32-libltdl-1.5.26-20.fc12 (2010-2341) NASL family Fedora Local Security Checks NASL id FEDORA_2011-1958.NASL description Rebuilt against system libltdl. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 52538 published 2011-03-04 reporter This script is Copyright (C) 2011-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/52538 title Fedora 13 : q-7.11-8.fc13 (2011-1958) NASL family Mandriva Local Security Checks NASL id MANDRIVA_MDVSA-2010-105.NASL description This updates provides a new OpenOffice.org version 3.1.1. It holds security and bug fixes described as follow : An integer underflow might allow remote attackers to execute arbitrary code via crafted records in the document table of a Word document, leading to a heap-based buffer overflow (CVE-2009-0200). A heap-based buffer overflow might allow remote attackers to execute arbitrary code via unspecified records in a crafted Word document, related to table parsing (CVE-2009-0201). A heap-based buffer overflow allows remote attackers to execute arbitrary code via a crafted EMF file (CVE-2009-2139). Multiple heap-based buffer overflows allow remote attackers to execute arbitrary code via a crafted EMF+ file (CVE-2009-2140). OpenOffice last seen 2020-06-01 modified 2020-06-02 plugin id 46699 published 2010-05-24 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/46699 title Mandriva Linux Security Advisory : openoffice.org (MDVSA-2010:105) NASL family Scientific Linux Local Security Checks NASL id SL_20100113_GCC_AND_GCC4_ON_SL3_X.NASL description CVE-2009-3736 libtool: libltdl may load and execute code from a library in the current directory A flaw was found in the way GNU Libtool last seen 2020-06-01 modified 2020-06-02 plugin id 60722 published 2012-08-01 reporter This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/60722 title Scientific Linux Security Update : gcc and gcc4 on SL3.x, SL4.x, SL5.x i386/x86_64 NASL family Fedora Local Security Checks NASL id FEDORA_2010-1833.NASL description This update makes Gnash use the system version of the libltdl library instead of the bundled copy which was vulnerable to CVE-2009-3736. An update to the system libltdl fixing CVE-2009-3736 was issued on December 21, 2009. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 47274 published 2010-07-01 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/47274 title Fedora 11 : gnash-0.8.6-13.fc11 (2010-1833) NASL family Fedora Local Security Checks NASL id FEDORA_2010-4392.NASL description Remove embedded ltdl to fix CVE-2009-3736 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 47360 published 2010-07-01 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/47360 title Fedora 11 : gnu-smalltalk-3.1-8.fc11 (2010-4392) NASL family Fedora Local Security Checks NASL id FEDORA_2009-12562.NASL description libltdl may load and execute code from a library in the current directory. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 43611 published 2009-12-30 reporter This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/43611 title Fedora 12 : libtool-2.2.6-17.fc12 (2009-12562) NASL family Fedora Local Security Checks NASL id FEDORA_2010-2943.NASL description Not sure whether mingw32-libltdl (due to its special nature in being for cross- compilation development for an entirely different system) is actually affected by CVE-2009-3736, but this should make sure everything is fixed. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 47296 published 2010-07-01 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/47296 title Fedora 11 : mingw32-libltdl-1.5.26-17.fc11 (2010-2943) NASL family SuSE Local Security Checks NASL id SUSE9_12554.NASL description libltdl of libtool may load modules from the current working directory. CVE-2009-3736 has been assigned to this issue. last seen 2020-06-01 modified 2020-06-02 plugin id 44929 published 2010-03-01 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/44929 title SuSE9 Security Update : libtool (YOU Patch Number 12554) NASL family Fedora Local Security Checks NASL id FEDORA_2011-1967.NASL description Rebuilt against system libltdl. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 52539 published 2011-03-04 reporter This script is Copyright (C) 2011-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/52539 title Fedora 14 : q-7.11-8.fc14 (2011-1967) NASL family Fedora Local Security Checks NASL id FEDORA_2010-10640.NASL description The remote Fedora host is missing one or more security updates : gcc-4.4.4-10.fc12 : - Wed Jun 30 2010 Jakub Jelinek <jakub at redhat.com> 4.4.4-10 - update from gcc-4_4-branch - PRs fortran/43841, fortran/43843, tree-optimization/44683 - fix qualified-id as template argument handling (#605761, PR c++/44587) - -Wunused-but-set-* static_cast fix (PR c++/44682) - VTA backports - PRs debug/44610, debug/44668, debug/44694 - unswitching fixes (PR middle-end/43866) - Thu Jun 24 2010 Jakub Jelinek <jakub at redhat.com> 4.4.4-9 - update from gcc-4_4-branch - PRs bootstrap/44426, bootstrap/44544, c++/44627, fortran/44536, libgcj/44216, target/39690, target/43740, target/44261, target/44481, target/44534, target/44615, testsuite/32843, testsuite/43739, tree-optimization/44508 - VTA backports - PRs debug/43650, debug/44181, debug/44247 - -Wunused-but-set-* ->*/.* fix (PR c++/44619) - undeprecate #ident and #sccs (#606069) - fixup dates in generated man pages even for fastjar and gcc/ man pages - don last seen 2020-06-01 modified 2020-06-02 plugin id 47612 published 2010-07-07 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/47612 title Fedora 12 : gcc-4.4.4-10.fc12 / libtool-2.2.6-18.fc12.1 (2010-10640) NASL family SuSE Local Security Checks NASL id SUSE_LIBTOOL-6678.NASL description libtool: libltdl may load modules from the current working directory. CVE-2009-3736 has been assigned to this issue. last seen 2020-06-01 modified 2020-06-02 plugin id 43634 published 2010-01-05 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/43634 title SuSE 10 Security Update : libtool (ZYPP Patch Number 6678) NASL family Fedora Local Security Checks NASL id FEDORA_2010-3314.NASL description This update patches the bundled copy of libltdl library which was vulnerable to CVE-2009-3736. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 47307 published 2010-07-01 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/47307 title Fedora 11 : esorex-3.7.2-3.fc11 (2010-3314)
Oval
accepted 2013-04-29T04:15:19.827-04:00 class vulnerability contributors name Aharon Chernin organization SCAP.com, LLC name Dragos Prisaca organization G2, Inc.
definition_extensions comment The operating system installed on the system is Red Hat Enterprise Linux 3 oval oval:org.mitre.oval:def:11782 comment CentOS Linux 3.x oval oval:org.mitre.oval:def:16651 comment The operating system installed on the system is Red Hat Enterprise Linux 4 oval oval:org.mitre.oval:def:11831 comment CentOS Linux 4.x oval oval:org.mitre.oval:def:16636 comment Oracle Linux 4.x oval oval:org.mitre.oval:def:15990 comment The operating system installed on the system is Red Hat Enterprise Linux 5 oval oval:org.mitre.oval:def:11414 comment The operating system installed on the system is CentOS Linux 5.x oval oval:org.mitre.oval:def:15802 comment Oracle Linux 5.x oval oval:org.mitre.oval:def:15459
description ltdl.c in libltdl in GNU Libtool 1.5.x, and 2.2.6 before 2.2.6b, as used in Ham Radio Control Libraries, Q, and possibly other products, attempts to open a .la file in the current working directory, which allows local users to gain privileges via a Trojan horse file. family unix id oval:org.mitre.oval:def:11687 status accepted submitted 2010-07-09T03:56:16-04:00 title ltdl.c in libltdl in GNU Libtool 1.5.x, and 2.2.6 before 2.2.6b, as used in Ham Radio Control Libraries and possibly other products, attempts to open a .la file in the current working directory, which allows local users to gain privileges via a Trojan horse file. version 28 accepted 2014-01-20T04:01:30.438-05:00 class vulnerability contributors name J. Daniel Brown organization DTCC name Chris Coffin organization The MITRE Corporation
definition_extensions comment VMware ESX Server 4.0 is installed oval oval:org.mitre.oval:def:6293 description ltdl.c in libltdl in GNU Libtool 1.5.x, and 2.2.6 before 2.2.6b, as used in Ham Radio Control Libraries, Q, and possibly other products, attempts to open a .la file in the current working directory, which allows local users to gain privileges via a Trojan horse file. family unix id oval:org.mitre.oval:def:6951 status accepted submitted 2010-06-01T17:30:00.000-05:00 title GNU Libtool 'libltdl' Library Search Path Local Privilege Escalation Vulnerability version 9
Redhat
| advisories |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| rpms |
|
Seebug
| bulletinFamily | exploit |
| description | BUGTRAQ ID: 37128 CVE ID: CVE-2009-3736 GNU libtool是一个通用库支持脚本,将使用动态库的复杂性隐藏在统一、可移植的接口中。 GNU Libtool的libltdl库中的ltdl.c文件将当前工作目录用作了库的搜索路径,如果攻击者创建了恶意的共享对象或.la文件并诱骗用户使用同一目录中的libtool库执行应用程序,就会导致执行任意代码。 GNU libtool 2.2.6 GNU libtool 1.5.x 厂商补丁: GNU --- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://lists.gnu.org/archive/html/libtool/2009-11/msg00059.html |
| id | SSV:15008 |
| last seen | 2017-11-19 |
| modified | 2009-12-02 |
| published | 2009-12-02 |
| reporter | Root |
| source | https://www.seebug.org/vuldb/ssvid-15008 |
| title | GNU Libtool libltdl库搜索路径本地权限提升漏洞 |
References
- ftp://ftp.gnu.org/gnu/libtool/libtool-2.2.6a-2.2.6b.diff.gz
- http://git.savannah.gnu.org/cgit/libtool.git/commit/?h=branch-1-5&id=29b48580df75f0c5baa2962548a4c101ec7ed7ec
- http://hamlib.svn.sourceforge.net/viewvc/hamlib/trunk/libltdl/Makefile.am?revision=2841&view=markup
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705
- http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035133.html
- http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035168.html
- http://lists.fedoraproject.org/pipermail/package-announce/2011-March/054656.html
- http://lists.fedoraproject.org/pipermail/package-announce/2011-March/054915.html
- http://lists.fedoraproject.org/pipermail/package-announce/2011-March/054921.html
- http://lists.gnu.org/archive/html/libtool/2009-11/msg00059.html
- http://lists.gnu.org/archive/html/libtool/2009-11/msg00065.html
- http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html
- http://secunia.com/advisories/37414
- http://secunia.com/advisories/37489
- http://secunia.com/advisories/37997
- http://secunia.com/advisories/38190
- http://secunia.com/advisories/38577
- http://secunia.com/advisories/38617
- http://secunia.com/advisories/38696
- http://secunia.com/advisories/38915
- http://secunia.com/advisories/39299
- http://secunia.com/advisories/39347
- http://secunia.com/advisories/43617
- http://secunia.com/advisories/55721
- http://security.gentoo.org/glsa/glsa-201311-10.xml
- http://support.avaya.com/css/P8/documents/100074869
- http://www.mandriva.com/security/advisories?name=MDVSA-2009:307
- http://www.mandriva.com/security/advisories?name=MDVSA-2010:035
- http://www.mandriva.com/security/advisories?name=MDVSA-2010:091
- http://www.mandriva.com/security/advisories?name=MDVSA-2010:105
- http://www.redhat.com/support/errata/RHSA-2010-0039.html
- http://www.securityfocus.com/bid/37128
- http://www.vupen.com/english/advisories/2011/0574
- https://bugzilla.redhat.com/show_bug.cgi?id=537941
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11687
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6951
- https://rhn.redhat.com/errata/RHSA-2010-0095.html
- https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01512.html