Oval Definition:oval:org.mitre.oval:def:13244
Revision Date:2014-06-30Version:20
Title:USN-1009-2 -- eglibc, glibc vulnerability
Description:USN-1009-1 fixed vulnerabilities in the GNU C library. Colin Watson discovered that the fixes were incomplete and introduced flaws with setuid programs loading libraries that used dynamic string tokens in their RPATH. If the "man" program was installed setuid, a local attacker could exploit this to gain "man" user privileges, potentially leading to further privilege escalations. Default Ubuntu installations were not affected. Original advisory details: Tavis Ormandy discovered multiple flaws in the GNU C Library�s handling of the LD_AUDIT environment variable when running a privileged binary. A local attacker could exploit this to gain root privileges
Family:unixClass:patch
Status:ACCEPTEDReference(s):CVE-2010-3847
CVE-2010-3856
USN-1009-2
USN-1009-2
Platform(s):Ubuntu 10.04
Ubuntu 10.10
Ubuntu 8.04
Ubuntu 9.10
Product(s):eglibc
glibc
Definition Synopsis
  • Release section
  • Ubuntu 8.04 is installed
  • AND Architecture section
  • Architecture independet section
  • Installed architecture is all
  • AND Packages section
  • glibc-doc DPKG is earlier than 2.7-10ubuntu8
  • OR glibc-source DPKG is earlier than 2.7-10ubuntu8
  • OR Architecture depended section
  • Supported architectures section
  • Installed architecture is powerpc
  • OR Installed architecture is amd64
  • OR Installed architecture is lpia
  • OR Installed architecture is i386
  • AND Packages section
  • libnss-files-udeb DPKG is earlier than 2.7-10ubuntu8
  • OR libc6-prof DPKG is earlier than 2.7-10ubuntu8
  • OR libc6 DPKG is earlier than 2.7-10ubuntu8
  • OR libc6-dev DPKG is earlier than 2.7-10ubuntu8
  • OR libc6-pic DPKG is earlier than 2.7-10ubuntu8
  • OR libnss-dns-udeb DPKG is earlier than 2.7-10ubuntu8
  • OR nscd DPKG is earlier than 2.7-10ubuntu8
  • OR libc6-dbg DPKG is earlier than 2.7-10ubuntu8
  • OR libc6-udeb DPKG is earlier than 2.7-10ubuntu8
  • OR Architecture depended section
  • Installed architecture is i386
  • AND Packages section
  • libc6-amd64 DPKG is earlier than 2.7-10ubuntu8
  • OR libc6-dev-amd64 DPKG is earlier than 2.7-10ubuntu8
  • OR libc6-i686 DPKG is earlier than 2.7-10ubuntu8
  • OR libc6-xen DPKG is earlier than 2.7-10ubuntu8
  • OR Supported platform section
  • Installed architecture is powerpc
  • AND Packages section
  • libc6-dev-ppc64 DPKG is earlier than 2.7-10ubuntu8
  • OR libc6-ppc64 DPKG is earlier than 2.7-10ubuntu8
  • OR Release section
  • Ubuntu 10.10 is installed
  • AND Architecture section
  • Architecture independet section
  • Installed architecture is all
  • AND Packages section
  • glibc-doc DPKG is earlier than 2.12.1-0ubuntu10.1
  • OR eglibc-source DPKG is earlier than 2.12.1-0ubuntu10.1
  • OR Architecture depended section
  • Supported architectures section
  • Installed architecture is powerpc
  • OR Installed architecture is armel
  • OR Installed architecture is amd64
  • OR Installed architecture is i386
  • AND Packages section
  • libc-bin DPKG is earlier than 2.12.1-0ubuntu10.1
  • OR libnss-files-udeb DPKG is earlier than 2.12.1-0ubuntu10.1
  • OR libc6-prof DPKG is earlier than 2.12.1-0ubuntu10.1
  • OR libc6 DPKG is earlier than 2.12.1-0ubuntu10.1
  • OR libc6-dev DPKG is earlier than 2.12.1-0ubuntu10.1
  • OR libc6-pic DPKG is earlier than 2.12.1-0ubuntu10.1
  • OR libc-dev-bin DPKG is earlier than 2.12.1-0ubuntu10.1
  • OR libnss-dns-udeb DPKG is earlier than 2.12.1-0ubuntu10.1
  • OR nscd DPKG is earlier than 2.12.1-0ubuntu10.1
  • OR libc6-dbg DPKG is earlier than 2.12.1-0ubuntu10.1
  • OR libc6-udeb DPKG is earlier than 2.12.1-0ubuntu10.1
  • OR Architecture depended section
  • Installed architecture is i386
  • AND Packages section
  • libc6-amd64 DPKG is earlier than 2.12.1-0ubuntu10.1
  • OR libc6-dev-amd64 DPKG is earlier than 2.12.1-0ubuntu10.1
  • OR libc6-xen DPKG is earlier than 2.12.1-0ubuntu10.1
  • OR Supported platform section
  • Installed architecture is powerpc
  • AND Packages section
  • libc6-dev-ppc64 DPKG is earlier than 2.12.1-0ubuntu10.1
  • OR libc6-ppc64 DPKG is earlier than 2.12.1-0ubuntu10.1
  • OR Release section
  • Ubuntu 9.10 is installed
  • AND Architecture section
  • Architecture independet section
  • Installed architecture is all
  • AND Packages section
  • glibc-doc DPKG is earlier than 2.10.1-0ubuntu19
  • OR eglibc-source DPKG is earlier than 2.10.1-0ubuntu19
  • OR Architecture depended section
  • Supported architectures section
  • Installed architecture is amd64
  • OR Installed architecture is sparc
  • OR Installed architecture is powerpc
  • OR Installed architecture is i386
  • OR Installed architecture is armel
  • OR Installed architecture is lpia
  • AND Packages section
  • libc-bin DPKG is earlier than 2.10.1-0ubuntu19
  • OR libnss-files-udeb DPKG is earlier than 2.10.1-0ubuntu19
  • OR libc6-prof DPKG is earlier than 2.10.1-0ubuntu19
  • OR libc6 DPKG is earlier than 2.10.1-0ubuntu19
  • OR libc6-dev DPKG is earlier than 2.10.1-0ubuntu19
  • OR libc6-pic DPKG is earlier than 2.10.1-0ubuntu19
  • OR libc-dev-bin DPKG is earlier than 2.10.1-0ubuntu19
  • OR libnss-dns-udeb DPKG is earlier than 2.10.1-0ubuntu19
  • OR nscd DPKG is earlier than 2.10.1-0ubuntu19
  • OR libc6-dbg DPKG is earlier than 2.10.1-0ubuntu19
  • OR libc6-udeb DPKG is earlier than 2.10.1-0ubuntu19
  • OR Architecture depended section
  • Installed architecture is amd64
  • AND Packages section
  • libc6-dev-i386 DPKG is earlier than 2.10.1-0ubuntu19
  • OR libc6-i386 DPKG is earlier than 2.10.1-0ubuntu19
  • OR Supported platform section
  • Installed architecture is powerpc
  • AND Packages section
  • libc6-dev-ppc64 DPKG is earlier than 2.10.1-0ubuntu19
  • OR libc6-ppc64 DPKG is earlier than 2.10.1-0ubuntu19
  • OR Release section
  • Ubuntu 10.04 is installed
  • AND Architecture section
  • Architecture independet section
  • Installed architecture is all
  • AND Packages section
  • glibc-doc DPKG is earlier than 2.11.1-0ubuntu7.7
  • OR eglibc-source DPKG is earlier than 2.11.1-0ubuntu7.7
  • OR Architecture depended section
  • Supported architectures section
  • Installed architecture is amd64
  • OR Installed architecture is i386
  • OR Installed architecture is powerpc
  • OR Installed architecture is sparc
  • OR Installed architecture is armel
  • AND Packages section
  • libc-bin DPKG is earlier than 2.11.1-0ubuntu7.7
  • OR libnss-files-udeb DPKG is earlier than 2.11.1-0ubuntu7.7
  • OR nscd DPKG is earlier than 2.11.1-0ubuntu7.7
  • OR libnss-dns-udeb DPKG is earlier than 2.11.1-0ubuntu7.7
  • OR libc6-dev DPKG is earlier than 2.11.1-0ubuntu7.7
  • OR libc6-pic DPKG is earlier than 2.11.1-0ubuntu7.7
  • OR libc-dev-bin DPKG is earlier than 2.11.1-0ubuntu7.7
  • OR libc6 DPKG is earlier than 2.11.1-0ubuntu7.7
  • OR libc6-prof DPKG is earlier than 2.11.1-0ubuntu7.7
  • OR libc6-dbg DPKG is earlier than 2.11.1-0ubuntu7.7
  • OR libc6-udeb DPKG is earlier than 2.11.1-0ubuntu7.7
  • OR Architecture depended section
  • Installed architecture is sparc
  • AND Packages section
  • libc6-dev-sparc64 DPKG is earlier than 2.11.1-0ubuntu7.7
  • OR libc6-sparc64v DPKG is earlier than 2.11.1-0ubuntu7.7
  • OR libc6-sparcv9b DPKG is earlier than 2.11.1-0ubuntu7.7
  • OR libc6-sparcv9v2 DPKG is earlier than 2.11.1-0ubuntu7.7
  • OR libc6-sparc64b DPKG is earlier than 2.11.1-0ubuntu7.7
  • OR libc6-sparc64v2 DPKG is earlier than 2.11.1-0ubuntu7.7
  • OR libc6-sparc64 DPKG is earlier than 2.11.1-0ubuntu7.7
  • OR libc6-sparcv9v DPKG is earlier than 2.11.1-0ubuntu7.7
  • OR Supported platform section
  • Installed architecture is powerpc
  • AND Packages section
  • libc6-dev-ppc64 DPKG is earlier than 2.11.1-0ubuntu7.7
  • OR libc6-ppc64 DPKG is earlier than 2.11.1-0ubuntu7.7
    • BACK