Oval Definition:oval:org.opensuse.security:def:20111089
Revision Date:2022-05-20Version:1
Title:CVE-2011-1089
Description:

The addmntent function in the GNU C Library (aka glibc or libc6) 2.13 and earlier does not report an error status for failed attempts to write to the /etc/mtab file, which makes it easier for local users to trigger corruption of this file, as demonstrated by writes from a process with a small RLIMIT_FSIZE value, a different vulnerability than CVE-2010-0296.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2011-1089
Mitre CVE-2011-1089
SUSE CVE-2011-1089
openSUSE-SU-2011:0985-1
openSUSE-SU-2011:0985-1
SUSE-SU-2012:1488-1
SUSE-SU-2012:1488-1
SUSE-SU-2013:1251-1
SUSE-SU-2013:1251-1
SUSE-SU-2013:1287-1
SUSE-SU-2013:1287-1
Platform(s):openSUSE 11.3
openSUSE 11.4
SLE SDK 10 SP4 for IBM iSeries and IBM pSeries
SLE SDK 10 SP4 for IBM zSeries
SLE SDK 10 SP4 for IPF
SLE SDK 10 SP4 for x86
SLE SDK 10 SP4 for X86-64
SUSE CORE 9 for AMD64 and Intel EM64T
SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T
SUSE Linux Enterprise Desktop 10 SP4 for x86
SUSE Linux Enterprise Desktop 11 SP1
SUSE Linux Enterprise SDK 10 SP3
SUSE Linux Enterprise Server 10 SP3
SUSE Linux Enterprise Server 10 SP3 LTSS for AMD64 and Intel EM64T
SUSE Linux Enterprise Server 10 SP3 LTSS for IBM zSeries 64bit
SUSE Linux Enterprise Server 10 SP3 LTSS for x86
SUSE Linux Enterprise Server 10 SP4 for AMD64 and Intel EM64T
SUSE Linux Enterprise Server 10 SP4 for IBM POWER
SUSE Linux Enterprise Server 10 SP4 for IBM zSeries 64bit
SUSE Linux Enterprise Server 10 SP4 for IPF
SUSE Linux Enterprise Server 10 SP4 for x86
SUSE Linux Enterprise Server 11 SP1 for Teradata
SUSE Linux Enterprise Server 11 SP1 LTSS
SUSE Linux Enterprise Server 11 SP1-LTSS
SUSE Linux Enterprise Server 11 SP1-TERADATA
SUSE Linux Enterprise Server 11 SP2
SUSE Linux Enterprise Server 11 SP3
SUSE Linux Enterprise Server for SAP 10 SP3
SUSE Linux Enterprise Server for SAP Applications 11 SP1-LTSS
SUSE Linux Enterprise Server for SAP Applications 11 SP1-TERADATA
SUSE Linux Enterprise Software Development Kit 11 SP1
SUSE Linux Enterprise Teradata 10 SP3 for AMD64 and Intel EM64T
Product(s):
Definition Synopsis
  • Release Information
  • sles10-sp3-ltss is installed
  • AND
  • glibc-32bit less than 2.4-31.77.102.1
  • OR glibc-devel-32bit less than 2.4-31.77.102.1
  • OR glibc-devel less than 2.4-31.77.102.1
  • OR glibc-html less than 2.4-31.77.102.1
  • OR glibc-i18ndata less than 2.4-31.77.102.1
  • OR glibc-info less than 2.4-31.77.102.1
  • OR glibc-locale-32bit less than 2.4-31.77.102.1
  • OR glibc-locale less than 2.4-31.77.102.1
  • OR glibc-profile-32bit less than 2.4-31.77.102.1
  • OR glibc-profile less than 2.4-31.77.102.1
  • OR glibc less than 2.4-31.77.102.1
  • OR nscd less than 2.4-31.77.102.1
  • OR Package Information
  • sles10-sp3 is installed
  • ncpfs-devel less than 2.2.6-24.19.1
  • OR ncpfs less than 2.2.6-24.19.1
  • OR
  • sles10-sp3-sdk is installed
  • AND ncpfs-devel less than 2.2.6-24.19.1
  • OR Package Information
  • sles10-sp4 is installed
  • glibc-32bit less than 2.4-31.103.1
  • OR glibc-64bit less than 2.4-31.103.1
  • OR glibc-devel-32bit less than 2.4-31.103.1
  • OR glibc-devel-64bit less than 2.4-31.103.1
  • OR glibc-devel less than 2.4-31.103.1
  • OR glibc-html less than 2.4-31.103.1
  • OR glibc-i18ndata less than 2.4-31.103.1
  • OR glibc-info less than 2.4-31.103.1
  • OR glibc-locale-32bit less than 2.4-31.103.1
  • OR glibc-locale-64bit less than 2.4-31.103.1
  • OR glibc-locale-x86 less than 2.4-31.103.1
  • OR glibc-locale less than 2.4-31.103.1
  • OR glibc-profile-32bit less than 2.4-31.103.1
  • OR glibc-profile-64bit less than 2.4-31.103.1
  • OR glibc-profile-x86 less than 2.4-31.103.1
  • OR glibc-profile less than 2.4-31.103.1
  • OR glibc-x86 less than 2.4-31.103.1
  • OR glibc less than 2.4-31.103.1
  • OR nscd less than 2.4-31.103.1
  • OR
  • sles10-sp4-sdk is installed
  • glibc-dceext-32bit less than 2.4-31.103.1
  • OR glibc-dceext-64bit less than 2.4-31.103.1
  • OR glibc-dceext-x86 less than 2.4-31.103.1
  • OR glibc-dceext less than 2.4-31.103.1
  • OR glibc-html less than 2.4-31.103.1
  • OR glibc-profile-32bit less than 2.4-31.103.1
  • OR glibc-profile-64bit less than 2.4-31.103.1
  • OR glibc-profile-x86 less than 2.4-31.103.1
  • OR glibc-profile less than 2.4-31.103.1
  • OR Package Information
  • sles10-sp4 is installed
  • ncpfs-devel less than 2.2.6-24.19.1
  • OR ncpfs less than 2.2.6-24.19.1
  • OR
  • sles10-sp4-sdk is installed
  • AND ncpfs-devel less than 2.2.6-24.19.1
  • Definition Synopsis
  • SUSE Linux Enterprise Server 11 SP1-LTSS is installed
  • AND Package Information
  • glibc-2.11.1-0.50 is installed
  • OR glibc-32bit-2.11.1-0.50 is installed
  • OR glibc-devel-2.11.1-0.50 is installed
  • OR glibc-devel-32bit-2.11.1-0.50 is installed
  • OR glibc-html-2.11.1-0.50 is installed
  • OR glibc-i18ndata-2.11.1-0.50 is installed
  • OR glibc-info-2.11.1-0.50 is installed
  • OR glibc-locale-2.11.1-0.50 is installed
  • OR glibc-locale-32bit-2.11.1-0.50 is installed
  • OR glibc-profile-2.11.1-0.50 is installed
  • OR glibc-profile-32bit-2.11.1-0.50 is installed
  • OR nscd-2.11.1-0.50 is installed
  • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 SP1-LTSS is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 11 SP1-LTSS is installed
  • AND Package Information
  • glibc-2.11.1-0.50 is installed
  • OR glibc-32bit-2.11.1-0.50 is installed
  • OR glibc-devel-2.11.1-0.50 is installed
  • OR glibc-devel-32bit-2.11.1-0.50 is installed
  • OR glibc-html-2.11.1-0.50 is installed
  • OR glibc-i18ndata-2.11.1-0.50 is installed
  • OR glibc-info-2.11.1-0.50 is installed
  • OR glibc-locale-2.11.1-0.50 is installed
  • OR glibc-locale-32bit-2.11.1-0.50 is installed
  • OR glibc-profile-2.11.1-0.50 is installed
  • OR glibc-profile-32bit-2.11.1-0.50 is installed
  • OR nscd-2.11.1-0.50 is installed
  • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 SP1-LTSS is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 11 SP1-LTSS is installed
  • AND
  • glibc-2.11.1-0.50 is installed
  • OR glibc-32bit-2.11.1-0.58 is installed
  • OR glibc-devel-2.11.1-0.50 is installed
  • OR glibc-devel-32bit-2.11.1-0.58 is installed
  • OR glibc-html-2.11.1-0.50 is installed
  • OR glibc-i18ndata-2.11.1-0.50 is installed
  • OR glibc-info-2.11.1-0.50 is installed
  • OR glibc-locale-2.11.1-0.50 is installed
  • OR glibc-locale-32bit-2.11.1-0.58 is installed
  • OR glibc-profile-2.11.1-0.50 is installed
  • OR glibc-profile-32bit-2.11.1-0.58 is installed
  • OR libxcrypt-3.0.3-0.4 is installed
  • OR libxcrypt-32bit-3.0.3-0.4 is installed
  • OR nscd-2.11.1-0.50 is installed
  • OR pam-modules-11-1.18 is installed
  • OR pam-modules-32bit-11-1.18 is installed
  • OR pwdutils-3.2.8-0.4 is installed
  • OR pwdutils-plugin-audit-3.2.8-0.4 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 11 SP1-TERADATA is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 11 SP1-TERADATA is installed
  • AND
  • glibc-2.11.1-0.46 is installed
  • OR glibc-32bit-2.11.1-0.46 is installed
  • OR glibc-devel-2.11.1-0.46 is installed
  • OR glibc-devel-32bit-2.11.1-0.46 is installed
  • OR glibc-html-2.11.1-0.46 is installed
  • OR glibc-i18ndata-2.11.1-0.46 is installed
  • OR glibc-info-2.11.1-0.46 is installed
  • OR glibc-locale-2.11.1-0.46 is installed
  • OR glibc-locale-32bit-2.11.1-0.46 is installed
  • OR glibc-profile-2.11.1-0.46 is installed
  • OR glibc-profile-32bit-2.11.1-0.46 is installed
  • OR libxcrypt-3.0.3-0.4 is installed
  • OR libxcrypt-32bit-3.0.3-0.4 is installed
  • OR nscd-2.11.1-0.46 is installed
  • OR pam-modules-11-1.18 is installed
  • OR pam-modules-32bit-11-1.18 is installed
  • OR pwdutils-3.2.8-0.4 is installed
  • OR pwdutils-plugin-audit-3.2.8-0.4 is installed
  • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 SP1-LTSS is installed
  • AND
  • glibc-2.11.1-0.50.1 is installed
  • OR glibc-32bit-2.11.1-0.58.1 is installed
  • OR glibc-devel-2.11.1-0.50.1 is installed
  • OR glibc-devel-32bit-2.11.1-0.58.1 is installed
  • OR glibc-html-2.11.1-0.50.1 is installed
  • OR glibc-i18ndata-2.11.1-0.50.1 is installed
  • OR glibc-info-2.11.1-0.50.1 is installed
  • OR glibc-locale-2.11.1-0.50.1 is installed
  • OR glibc-locale-32bit-2.11.1-0.58.1 is installed
  • OR glibc-profile-2.11.1-0.50.1 is installed
  • OR glibc-profile-32bit-2.11.1-0.58.1 is installed
  • OR libxcrypt-3.0.3-0.4.1 is installed
  • OR libxcrypt-32bit-3.0.3-0.4.1 is installed
  • OR nscd-2.11.1-0.50.1 is installed
  • OR pam-modules-11-1.18.1 is installed
  • OR pam-modules-32bit-11-1.18.1 is installed
  • OR pwdutils-3.2.8-0.4.1 is installed
  • OR pwdutils-plugin-audit-3.2.8-0.4.1 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 11 SP1-TERADATA is installed
  • AND
  • glibc-2.11.1-0.46.1 is installed
  • OR glibc-32bit-2.11.1-0.46.1 is installed
  • OR glibc-devel-2.11.1-0.46.1 is installed
  • OR glibc-devel-32bit-2.11.1-0.46.1 is installed
  • OR glibc-html-2.11.1-0.46.1 is installed
  • OR glibc-i18ndata-2.11.1-0.46.1 is installed
  • OR glibc-info-2.11.1-0.46.1 is installed
  • OR glibc-locale-2.11.1-0.46.1 is installed
  • OR glibc-locale-32bit-2.11.1-0.46.1 is installed
  • OR glibc-profile-2.11.1-0.46.1 is installed
  • OR glibc-profile-32bit-2.11.1-0.46.1 is installed
  • OR libxcrypt-3.0.3-0.4.1 is installed
  • OR libxcrypt-32bit-3.0.3-0.4.1 is installed
  • OR nscd-2.11.1-0.46.1 is installed
  • OR pam-modules-11-1.18.1 is installed
  • OR pam-modules-32bit-11-1.18.1 is installed
  • OR pwdutils-3.2.8-0.4.1 is installed
  • OR pwdutils-plugin-audit-3.2.8-0.4.1 is installed
  • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 SP2 is installed
  • OR SUSE Linux Enterprise Server 11 SP3 is installed
  • AND glibc is affected
  • OR Package Information
  • SUSE Linux Enterprise Server 11 SP1-LTSS is installed
  • AND
  • glibc-2.11.1-0.50.1 is installed
  • OR glibc-32bit-2.11.1-0.50.1 is installed
  • OR glibc-devel-2.11.1-0.50.1 is installed
  • OR glibc-devel-32bit-2.11.1-0.50.1 is installed
  • OR glibc-html-2.11.1-0.50.1 is installed
  • OR glibc-i18ndata-2.11.1-0.50.1 is installed
  • OR glibc-info-2.11.1-0.50.1 is installed
  • OR glibc-locale-2.11.1-0.50.1 is installed
  • OR glibc-locale-32bit-2.11.1-0.50.1 is installed
  • OR glibc-profile-2.11.1-0.50.1 is installed
  • OR glibc-profile-32bit-2.11.1-0.50.1 is installed
  • OR nscd-2.11.1-0.50.1 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 11 SP1-TERADATA is installed
  • AND
  • glibc-2.11.1-0.46.1 is installed
  • OR glibc-32bit-2.11.1-0.46.1 is installed
  • OR glibc-devel-2.11.1-0.46.1 is installed
  • OR glibc-devel-32bit-2.11.1-0.46.1 is installed
  • OR glibc-html-2.11.1-0.46.1 is installed
  • OR glibc-i18ndata-2.11.1-0.46.1 is installed
  • OR glibc-info-2.11.1-0.46.1 is installed
  • OR glibc-locale-2.11.1-0.46.1 is installed
  • OR glibc-locale-32bit-2.11.1-0.46.1 is installed
  • OR glibc-profile-2.11.1-0.46.1 is installed
  • OR glibc-profile-32bit-2.11.1-0.46.1 is installed
  • OR libxcrypt-3.0.3-0.4.1 is installed
  • OR libxcrypt-32bit-3.0.3-0.4.1 is installed
  • OR nscd-2.11.1-0.46.1 is installed
  • OR pam-modules-11-1.18.1 is installed
  • OR pam-modules-32bit-11-1.18.1 is installed
  • OR pwdutils-3.2.8-0.4.1 is installed
  • OR pwdutils-plugin-audit-3.2.8-0.4.1 is installed
  • BACK