Oval Definition:	oval:org.mitre.oval:def:22199
Revision Date: 2014-02-24 Version: 10 Title: RHSA-2010:0787: glibc security update (Important) Description: elf/dl-load.c in ld.so in the GNU C Library (aka glibc or libc6) through 2.11.2, and 2.12.x through 2.12.1, does not properly handle a value of $ORIGIN for the LD_AUDIT environment variable, which allows local users to gain privileges via a crafted dynamic shared object (DSO) located in an arbitrary directory. Family: unix Class: patch Status: ACCEPTED Reference(s): CESA-2010:0787 CVE-2010-3847 RHSA-2010:0787-01 Platform(s): CentOS Linux 5 Red Hat Enterprise Linux 5 Product(s): glibc Definition Synopsis Redhat 5 or Centos 5 release The operating system installed on the system is Red Hat Enterprise Linux 5 OR The operating system installed on the system is CentOS Linux 5.x AND Packages section glibc-headers is earlier than 0:2.5-49.el5_5.6 OR glibc-common is earlier than 0:2.5-49.el5_5.6 OR glibc-devel is earlier than 0:2.5-49.el5_5.6 OR glibc is earlier than 0:2.5-49.el5_5.6 OR nscd is earlier than 0:2.5-49.el5_5.6 OR glibc-utils is earlier than 0:2.5-49.el5_5.6
BACK