Vulnerability Name:

CVE-2011-4609 (CCN-72399)

Assigned:2011-05-05
Published:2011-05-05
Updated:2013-05-03
Summary:The svc_run function in the RPC implementation in glibc before 2.15 allows remote attackers to cause a denial of service (CPU consumption) via a large number of RPC connections.
CVSS v3 Severity:5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Low
CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
3.7 Low (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
3.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
3.3 Low (REDHAT CVSS v2 Vector: AV:A/AC:L/Au:N/C:N/I:N/A:P)
2.4 Low (REDHAT Temporal CVSS v2 Vector: AV:A/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Adjacent_Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
Vulnerability Type:CWE-399
Vulnerability Consequences:Denial of Service
References:Source: MITRE
Type: CNA
CVE-2011-4609

Source: CCN
Type: RHSA-2012-0058
Moderate: glibc security and bug fix update

Source: CCN
Type: RHSA-2012-0125
Moderate: glibc security and bug fix update

Source: CCN
Type: RHSA-2012-0126
Moderate: glibc security update

Source: CCN
Type: SA47567
GNU C Library EMFILE Error Handling Two Denial of Service Vulnerabilities

Source: CCN
Type: SA51555
VMware ESXi glibc Multiple Vulnerabilities

Source: CCN
Type: SA53166
Avaya Communication Manager OpenSSL and glibc Vulnerabilities

Source: CCN
Type: SA53537
Avaya Aura Presence Services Multiple Vulnerabilities

Source: CCN
Type: GNU C Library Web page
GNU C Library

Source: CCN
Type: OSVDB ID: 78316
GNU C Library (glibc) Multiple Function EMFILE Error Handling Remote DoS

Source: CCN
Type: BID-51439
GNU glibc 'svc_run()' EMFILE Error Handling Denial of Service Vulnerability

Source: CCN
Type: VMSA-2012-0018
VMware security updates for vCSA and ESXi

Source: CCN
Type: Red Hat Bugzilla Bug 767299
CVE-2011-4609 glibc: svc_run() produces high cpu usage when accept() fails with EMFILE error

Source: CONFIRM
Type: UNKNOWN
https://bugzilla.redhat.com/show_bug.cgi?id=767299

Source: CCN
Type: ASA-2012-156
glibc security update (RHSA-2012-0126)

Source: CCN
Type: ASA-2012-155
glibc security and bug fix update (RHSA-2012-0125)

Source: XF
Type: UNKNOWN
gnuclibrary-emfile-dos(72399)

Vulnerable Configuration:Configuration 1:
  • cpe:/a:gnu:glibc:2.0:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.1:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.1.1.6:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.1.2:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.1.3:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.1.9:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:2.13:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:glibc:*:*:*:*:*:*:*:* (Version <= 2.14)

  • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:6:*:*:*:*:*:*:*

  • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:6::client:*:*:*:*:*

  • Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:6::computenode:*:*:*:*:*

  • Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:6::server:*:*:*:*:*

  • Configuration RedHat 5:
  • cpe:/o:redhat:enterprise_linux:6::workstation:*:*:*:*:*

  • Configuration RedHat 6:
  • cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:*

  • Configuration RedHat 7:
  • cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

  • Configuration RedHat 8:
  • cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

  • Configuration RedHat 9:
  • cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

  • Configuration RedHat 10:
  • cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

  • Configuration RedHat 11:
  • cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

  • Configuration RedHat 12:
  • cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*

  • Configuration RedHat 13:
  • cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

  • Configuration CCN 1:
  • cpe:/a:gnu:glibc:2.14.1:*:*:*:*:*:*:*
  • AND
  • cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:client:*:*:*:*:*
  • OR cpe:/a:avaya:communication_manager:4.0:*:*:*:*:*:*:*
  • OR cpe:/a:avaya:communication_manager:5.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:6:*:server:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:6:*:workstation:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_desktop:6:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_hpc_node:6:*:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:5.0:*:*:*:*:*:*:*

  • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.mitre.oval:def:15237
    P
    USN-1396-1 -- GNU C Library vulnerabilities
    2014-06-30
    oval:org.mitre.oval:def:22910
    P
    ELSA-2012:0126: glibc security update (Moderate)
    2014-05-26
    oval:org.mitre.oval:def:23809
    P
    ELSA-2012:0058: glibc security and bug fix update (Moderate)
    2014-05-26
    oval:org.mitre.oval:def:21296
    P
    RHSA-2012:0058: glibc security and bug fix update (Moderate)
    2014-02-24
    oval:org.mitre.oval:def:21365
    P
    RHSA-2012:0126: glibc security update (Moderate)
    2014-02-24
    oval:org.mitre.oval:def:20676
    V
    VMware vSphere and vCOps updates to third party libraries
    2014-01-20
    oval:com.redhat.rhsa:def:20120125
    P
    RHSA-2012:0125: glibc security and bug fix update (Moderate)
    2012-02-13
    oval:com.redhat.rhsa:def:20120126
    P
    RHSA-2012:0126: glibc security update (Moderate)
    2012-02-13
    oval:com.redhat.rhsa:def:20120058
    P
    RHSA-2012:0058: glibc security and bug fix update (Moderate)
    2012-01-24
    BACK
    gnu glibc 2.0
    gnu glibc 2.0.1
    gnu glibc 2.0.2
    gnu glibc 2.0.3
    gnu glibc 2.0.4
    gnu glibc 2.0.5
    gnu glibc 2.0.6
    gnu glibc 2.1
    gnu glibc 2.1.1
    gnu glibc 2.1.1.6
    gnu glibc 2.1.2
    gnu glibc 2.1.3
    gnu glibc 2.1.9
    gnu glibc 2.13
    gnu glibc *
    gnu glibc 2.14.1
    redhat enterprise linux 4
    redhat enterprise linux 4
    redhat enterprise linux 4
    redhat enterprise linux 4
    redhat enterprise linux 5
    redhat enterprise linux 5
    avaya communication manager 4.0
    avaya communication manager 5.0
    redhat enterprise linux 6
    redhat enterprise linux 6
    redhat enterprise linux desktop 6
    redhat enterprise linux hpc node 6
    vmware esxi 5.0