Oval Definition:oval:org.mitre.oval:def:7481
Revision Date:2014-06-23Version:20
Title:DSA-1958 libtool -- privilege escalation
Description:It was discovered that ltdl, a system-independent dlopen wrapper for GNU libtool, can be tricked to load and run modules from an arbitrary directory, which might be used to execute arbitrary code with the privileges of the user running an application that uses libltdl.
Family:unixClass:patch
Status:ACCEPTEDReference(s):CVE-2009-3736
DSA-1958
Platform(s):Debian GNU/Linux 4.0
Debian GNU/Linux 5.0
Product(s):libtool
Definition Synopsis
  • Release section
  • Debian GNU/Linux 5.0 is installed
  • AND Architecture section
  • Architecture independent section
  • Installed architecture is all
  • AND libtool-doc is earlier than 1.5.26-4+lenny1
  • OR Architecture dependent section
  • Supported architectures section
  • Installed architecture is s390
  • OR Installed architecture is amd64
  • OR Installed architecture is sparc
  • OR Installed architecture is arm
  • OR Installed architecture is i386
  • OR Installed architecture is armel
  • OR Installed architecture is mips
  • OR Installed architecture is ia64
  • OR Installed architecture is alpha
  • OR Installed architecture is powerpc
  • OR Installed architecture is mipsel
  • OR Installed architecture is hppa
  • AND Packages section
  • libltdl3 is earlier than 1.5.26-4+lenny1
  • OR libltdl3-dev is earlier than 1.5.26-4+lenny1
  • OR libtool is earlier than 1.5.26-4+lenny1
  • OR Release section
  • Debian GNU/Linux 4.0 is installed.
  • AND Architecture section
  • Architecture independent section
  • Installed architecture is all
  • AND libtool-doc is earlier than 1.5.22-4+etch1
  • OR libltdl3 is earlier than 1.5.22-4+etch1
  • OR libltdl3-dev is earlier than 1.5.22-4+etch1
  • OR libtool is earlier than 1.5.22-4+etch1
    • BACK