glibc SUID binaries information disclosure
| glibc-suid-info-disclosure (17006) |  Medium Risk |
Description:
Multiple versions of glibc could allow a local attacker to gain access to sensitive information, caused by a vulnerability with the debugging of SUID binaries. If a local attacker obtains a list of the symbols the SUID program uses along with the locations, then uses a trojaned library to take control over the symbols, the attacker could obtain sensitive information about the system. It may be possible for an attacker to use this vulnerability to perform further attacks on the system.
Platforms Affected:
- Gentoo, Linux
- GNU, glibc 2.0
- GNU, glibc 2.0.1
- GNU, glibc 2.0.2
- GNU, glibc 2.0.3
- GNU, glibc 2.0.4
- GNU, glibc 2.0.5
- GNU, glibc 2.0.6
- GNU, glibc 2.1
- GNU, glibc 2.1.1
- GNU, glibc 2.1.1.6
- GNU, glibc 2.1.2
- GNU, glibc 2.1.3
- GNU, Glibc 2.1.3.10
- GNU, glibc 2.1.9
- GNU, glibc 2.2
- GNU, glibc 2.2.1
- GNU, glibc 2.2.2
- GNU, glibc 2.2.3
- GNU, glibc 2.2.4
- GNU, glibc 2.2.5
- GNU, glibc 2.3
- GNU, glibc 2.3.1
- GNU, glibc 2.3.2
- GNU, glibc 2.3.3
- GNU, glibc 2.3.4
- RedHat, Enterprise Linux 2.1 ES
- RedHat, Enterprise Linux 2.1 WS
- RedHat, Enterprise Linux 2.1 AS
- RedHat, Enterprise Linux 3 Desktop
- RedHat, Enterprise Linux 3 AS
- RedHat, Enterprise Linux 3 ES
- RedHat, Enterprise Linux 3 WS
- RedHat, Linux Advanced Workstation 2.1 Itanium
Remedy:
Upgrade to the latest version of glibc (2.3.2-r11 or 2.3.4.20040619-r1 or 2.3.3.20040420-r1 or later), as listed in GLSA 200408-16. See References.
For Red Hat Linux:
Refer to RHSA-2005:256-10 or RHSA-2005:261-06 for patch, upgrade, or suggested workaround information. See References.
Consequences:
Obtain Information
References:
- Bugzilla Bug 59526, sys-libs/glibc potential info leak vuln at http://bugs.gentoo.org/show_bug.cgi?id=59526.
- GNU C Library Web page, GNC C Library - GNU Project - Free Software Foundation (FSF) at http://www.gnu.org/software/libc/libc.html.
- BID-10963: GNU GLibC LD_DEBUG Local Information Disclosure Vulnerability
- CVE-2004-1453: GNU glibc 2.3.4 before 2.3.4.20040619, 2.3.3 before 2.3.3.20040420, and 2.3.2 before 2.3.2-r10 does not restrict the use of LD_DEBUG for a setuid program, which allows local users to gain sensitive information, such as the list of symbols used by the program.
- GLSA-200408-16: glibc: Information leak with LD_DEBUG
- RHSA-2005-256: glibc security update
- RHSA-2005-261: glibc security update
- SA12306: Gentoo glibc Unprivileged Debugging Weakness
Reported:
Aug 16, 2004
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net