Revision Date: | 2014-01-20 | Version: | 4 | Title: | VMware ESX third party updates for Service Console packages glibc, sudo, and openldap | Description: | ld.so in the GNU C Library (aka glibc or libc6) before 2.11.3, and 2.12.x before 2.12.2, does not properly restrict use of the LD_AUDIT environment variable to reference dynamic shared objects (DSOs) as audit objects, which allows local users to gain privileges by leveraging an unsafe DSO located in a trusted library directory, as demonstrated by libpcprofile.so. | Family: | unix | Class: | vulnerability | Status: | ACCEPTED | Reference(s): | CVE-2010-3856
| Platform(s): | VMWare ESX Server 4.0 VMWare ESX Server 4.1
| Product(s): | | Definition Synopsis | Patch ESX410-201101226-SG is not installed VMware ESX Server 4.1 is installed
AND Patch ESX410-201101226-SG is not installed
OR Patch ESX400-201101405-SG is not installed
VMware ESX Server 4.0 is installed
AND Patch ESX400-201101405-SG is not installed
|
|