Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.CENTOS_RHSA-2010-0039.NASL
HistoryJan 15, 2010 - 12:00 a.m.

CentOS 3 / 4 / 5 : gcc / gcc4 (CESA-2010:0039)

2010-01-1500:00:00
This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
60

CVSS2

6.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

EPSS

0

Percentile

10.1%

JSON

Updated gcc and gcc4 packages that fix one security issue are now available for Red Hat Enterprise Linux 3, 4, and 5.

This update has been rated as having moderate security impact by the Red Hat Security Response Team.

The gcc and gcc4 packages include, among others, C, C++, and Java GNU compilers and related support libraries. libgcj contains a copy of GNU Libtool’s libltdl library.

A flaw was found in the way GNU Libtool’s libltdl library looked for libraries to load. It was possible for libltdl to load a malicious library from the current working directory. In certain configurations, if a local attacker is able to trick a local user into running a Java application (which uses a function to load native libraries, such as System.loadLibrary) from within an attacker-controlled directory containing a malicious library or module, the attacker could possibly execute arbitrary code with the privileges of the user running the Java application. (CVE-2009-3736)

All gcc and gcc4 users should upgrade to these updated packages, which contain a backported patch to correct this issue. All running Java applications using libgcj must be restarted for this update to take effect.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Red Hat Security Advisory RHSA-2010:0039 and 
# CentOS Errata and Security Advisory 2010:0039 respectively.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(44027);
  script_version("1.16");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/04");

  script_cve_id("CVE-2009-3736");
  script_bugtraq_id(37128);
  script_xref(name:"RHSA", value:"2010:0039");

  script_name(english:"CentOS 3 / 4 / 5 : gcc / gcc4 (CESA-2010:0039)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote CentOS host is missing one or more security updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Updated gcc and gcc4 packages that fix one security issue are now
available for Red Hat Enterprise Linux 3, 4, and 5.

This update has been rated as having moderate security impact by the
Red Hat Security Response Team.

The gcc and gcc4 packages include, among others, C, C++, and Java GNU
compilers and related support libraries. libgcj contains a copy of GNU
Libtool's libltdl library.

A flaw was found in the way GNU Libtool's libltdl library looked for
libraries to load. It was possible for libltdl to load a malicious
library from the current working directory. In certain configurations,
if a local attacker is able to trick a local user into running a Java
application (which uses a function to load native libraries, such as
System.loadLibrary) from within an attacker-controlled directory
containing a malicious library or module, the attacker could possibly
execute arbitrary code with the privileges of the user running the
Java application. (CVE-2009-3736)

All gcc and gcc4 users should upgrade to these updated packages, which
contain a backported patch to correct this issue. All running Java
applications using libgcj must be restarted for this update to take
effect."
  );
  # https://lists.centos.org/pipermail/centos-announce/2010-January/016445.html
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?5169e0d9"
  );
  # https://lists.centos.org/pipermail/centos-announce/2010-January/016446.html
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?9dfe4767"
  );
  # https://lists.centos.org/pipermail/centos-announce/2010-January/016457.html
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?8a27e07e"
  );
  # https://lists.centos.org/pipermail/centos-announce/2010-January/016458.html
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?c67af7bf"
  );
  # https://lists.centos.org/pipermail/centos-announce/2010-January/016459.html
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?1304df07"
  );
  # https://lists.centos.org/pipermail/centos-announce/2010-January/016460.html
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?9a0118e6"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Update the affected gcc and / or gcc4 packages."
  );
  script_set_cvss_base_vector("CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:cpp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:gcc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:gcc-c++");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:gcc-g77");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:gcc-gfortran");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:gcc-gnat");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:gcc-java");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:gcc-objc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:gcc-objc++");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:gcc4");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:gcc4-c++");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:gcc4-gfortran");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:gcc4-java");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libf2c");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libgcc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libgcj");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libgcj-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libgcj-src");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libgcj4");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libgcj4-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libgcj4-src");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libgfortran");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libgnat");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libgomp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libmudflap");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libmudflap-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libobjc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libstdc++");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libstdc++-devel");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:3");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:4");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:5");

  script_set_attribute(attribute:"vuln_publication_date", value:"2009/11/29");
  script_set_attribute(attribute:"patch_publication_date", value:"2010/01/14");
  script_set_attribute(attribute:"plugin_publication_date", value:"2010/01/15");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"CentOS Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/CentOS/release", "Host/CentOS/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/CentOS/release");
if (isnull(release) || "CentOS" >!< release) audit(AUDIT_OS_NOT, "CentOS");
os_ver = pregmatch(pattern: "CentOS(?: Linux)? release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "CentOS");
os_ver = os_ver[1];
if (! preg(pattern:"^(3|4|5)([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "CentOS 3.x / 4.x / 5.x", "CentOS " + os_ver);

if (!get_kb_item("Host/CentOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);


cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && "ia64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "CentOS", cpu);


flag = 0;
if (rpm_check(release:"CentOS-3", cpu:"i386", reference:"cpp-3.2.3-60")) flag++;
if (rpm_check(release:"CentOS-3", cpu:"x86_64", reference:"cpp-3.2.3-60")) flag++;
if (rpm_check(release:"CentOS-3", cpu:"i386", reference:"gcc-3.2.3-60")) flag++;
if (rpm_check(release:"CentOS-3", cpu:"x86_64", reference:"gcc-3.2.3-60")) flag++;
if (rpm_check(release:"CentOS-3", cpu:"i386", reference:"gcc-c++-3.2.3-60")) flag++;
if (rpm_check(release:"CentOS-3", cpu:"x86_64", reference:"gcc-c++-3.2.3-60")) flag++;
if (rpm_check(release:"CentOS-3", cpu:"i386", reference:"gcc-g77-3.2.3-60")) flag++;
if (rpm_check(release:"CentOS-3", cpu:"x86_64", reference:"gcc-g77-3.2.3-60")) flag++;
if (rpm_check(release:"CentOS-3", cpu:"i386", reference:"gcc-gnat-3.2.3-60")) flag++;
if (rpm_check(release:"CentOS-3", cpu:"x86_64", reference:"gcc-gnat-3.2.3-60")) flag++;
if (rpm_check(release:"CentOS-3", cpu:"i386", reference:"gcc-java-3.2.3-60")) flag++;
if (rpm_check(release:"CentOS-3", cpu:"x86_64", reference:"gcc-java-3.2.3-60")) flag++;
if (rpm_check(release:"CentOS-3", cpu:"i386", reference:"gcc-objc-3.2.3-60")) flag++;
if (rpm_check(release:"CentOS-3", cpu:"x86_64", reference:"gcc-objc-3.2.3-60")) flag++;
if (rpm_check(release:"CentOS-3", cpu:"i386", reference:"libf2c-3.2.3-60")) flag++;
if (rpm_check(release:"CentOS-3", cpu:"x86_64", reference:"libf2c-3.2.3-60")) flag++;
if (rpm_check(release:"CentOS-3", cpu:"i386", reference:"libgcc-3.2.3-60")) flag++;
if (rpm_check(release:"CentOS-3", cpu:"x86_64", reference:"libgcc-3.2.3-60")) flag++;
if (rpm_check(release:"CentOS-3", cpu:"i386", reference:"libgcj-3.2.3-60")) flag++;
if (rpm_check(release:"CentOS-3", cpu:"x86_64", reference:"libgcj-3.2.3-60")) flag++;
if (rpm_check(release:"CentOS-3", cpu:"i386", reference:"libgcj-devel-3.2.3-60")) flag++;
if (rpm_check(release:"CentOS-3", cpu:"x86_64", reference:"libgcj-devel-3.2.3-60")) flag++;
if (rpm_check(release:"CentOS-3", cpu:"i386", reference:"libgnat-3.2.3-60")) flag++;
if (rpm_check(release:"CentOS-3", cpu:"x86_64", reference:"libgnat-3.2.3-60")) flag++;
if (rpm_check(release:"CentOS-3", cpu:"i386", reference:"libobjc-3.2.3-60")) flag++;
if (rpm_check(release:"CentOS-3", cpu:"x86_64", reference:"libobjc-3.2.3-60")) flag++;
if (rpm_check(release:"CentOS-3", cpu:"i386", reference:"libstdc++-3.2.3-60")) flag++;
if (rpm_check(release:"CentOS-3", cpu:"x86_64", reference:"libstdc++-3.2.3-60")) flag++;
if (rpm_check(release:"CentOS-3", cpu:"i386", reference:"libstdc++-devel-3.2.3-60")) flag++;
if (rpm_check(release:"CentOS-3", cpu:"x86_64", reference:"libstdc++-devel-3.2.3-60")) flag++;

if (rpm_check(release:"CentOS-4", cpu:"i386", reference:"cpp-3.4.6-11.el4_8.1")) flag++;
if (rpm_check(release:"CentOS-4", cpu:"x86_64", reference:"cpp-3.4.6-11.el4_8.1")) flag++;
if (rpm_check(release:"CentOS-4", cpu:"i386", reference:"gcc-3.4.6-11.el4_8.1")) flag++;
if (rpm_check(release:"CentOS-4", cpu:"x86_64", reference:"gcc-3.4.6-11.el4_8.1")) flag++;
if (rpm_check(release:"CentOS-4", cpu:"i386", reference:"gcc-c++-3.4.6-11.el4_8.1")) flag++;
if (rpm_check(release:"CentOS-4", cpu:"x86_64", reference:"gcc-c++-3.4.6-11.el4_8.1")) flag++;
if (rpm_check(release:"CentOS-4", cpu:"i386", reference:"gcc-g77-3.4.6-11.el4_8.1")) flag++;
if (rpm_check(release:"CentOS-4", cpu:"x86_64", reference:"gcc-g77-3.4.6-11.el4_8.1")) flag++;
if (rpm_check(release:"CentOS-4", cpu:"i386", reference:"gcc-gnat-3.4.6-11.el4_8.1")) flag++;
if (rpm_check(release:"CentOS-4", cpu:"x86_64", reference:"gcc-gnat-3.4.6-11.el4_8.1")) flag++;
if (rpm_check(release:"CentOS-4", cpu:"i386", reference:"gcc-java-3.4.6-11.el4_8.1")) flag++;
if (rpm_check(release:"CentOS-4", cpu:"x86_64", reference:"gcc-java-3.4.6-11.el4_8.1")) flag++;
if (rpm_check(release:"CentOS-4", cpu:"i386", reference:"gcc-objc-3.4.6-11.el4_8.1")) flag++;
if (rpm_check(release:"CentOS-4", cpu:"x86_64", reference:"gcc-objc-3.4.6-11.el4_8.1")) flag++;
if (rpm_check(release:"CentOS-4", cpu:"i386", reference:"gcc4-4.1.2-44.EL4_8.1")) flag++;
if (rpm_check(release:"CentOS-4", cpu:"x86_64", reference:"gcc4-4.1.2-44.EL4_8.1")) flag++;
if (rpm_check(release:"CentOS-4", cpu:"i386", reference:"gcc4-c++-4.1.2-44.EL4_8.1")) flag++;
if (rpm_check(release:"CentOS-4", cpu:"x86_64", reference:"gcc4-c++-4.1.2-44.EL4_8.1")) flag++;
if (rpm_check(release:"CentOS-4", cpu:"i386", reference:"gcc4-gfortran-4.1.2-44.EL4_8.1")) flag++;
if (rpm_check(release:"CentOS-4", cpu:"x86_64", reference:"gcc4-gfortran-4.1.2-44.EL4_8.1")) flag++;
if (rpm_check(release:"CentOS-4", cpu:"i386", reference:"gcc4-java-4.1.2-44.EL4_8.1")) flag++;
if (rpm_check(release:"CentOS-4", cpu:"x86_64", reference:"gcc4-java-4.1.2-44.EL4_8.1")) flag++;
if (rpm_check(release:"CentOS-4", cpu:"i386", reference:"libf2c-3.4.6-11.el4_8.1")) flag++;
if (rpm_check(release:"CentOS-4", cpu:"x86_64", reference:"libf2c-3.4.6-11.el4_8.1")) flag++;
if (rpm_check(release:"CentOS-4", cpu:"i386", reference:"libgcc-3.4.6-11.el4_8.1")) flag++;
if (rpm_check(release:"CentOS-4", cpu:"x86_64", reference:"libgcc-3.4.6-11.el4_8.1")) flag++;
if (rpm_check(release:"CentOS-4", cpu:"i386", reference:"libgcj-3.4.6-11.el4_8.1")) flag++;
if (rpm_check(release:"CentOS-4", cpu:"x86_64", reference:"libgcj-3.4.6-11.el4_8.1")) flag++;
if (rpm_check(release:"CentOS-4", cpu:"i386", reference:"libgcj-devel-3.4.6-11.el4_8.1")) flag++;
if (rpm_check(release:"CentOS-4", cpu:"x86_64", reference:"libgcj-devel-3.4.6-11.el4_8.1")) flag++;
if (rpm_check(release:"CentOS-4", cpu:"i386", reference:"libgcj4-4.1.2-44.EL4_8.1")) flag++;
if (rpm_check(release:"CentOS-4", cpu:"x86_64", reference:"libgcj4-4.1.2-44.EL4_8.1")) flag++;
if (rpm_check(release:"CentOS-4", cpu:"i386", reference:"libgcj4-devel-4.1.2-44.EL4_8.1")) flag++;
if (rpm_check(release:"CentOS-4", cpu:"x86_64", reference:"libgcj4-devel-4.1.2-44.EL4_8.1")) flag++;
if (rpm_check(release:"CentOS-4", cpu:"i386", reference:"libgcj4-src-4.1.2-44.EL4_8.1")) flag++;
if (rpm_check(release:"CentOS-4", cpu:"x86_64", reference:"libgcj4-src-4.1.2-44.EL4_8.1")) flag++;
if (rpm_check(release:"CentOS-4", cpu:"i386", reference:"libgfortran-4.1.2-44.EL4_8.1")) flag++;
if (rpm_check(release:"CentOS-4", cpu:"x86_64", reference:"libgfortran-4.1.2-44.EL4_8.1")) flag++;
if (rpm_check(release:"CentOS-4", cpu:"i386", reference:"libgnat-3.4.6-11.el4_8.1")) flag++;
if (rpm_check(release:"CentOS-4", cpu:"x86_64", reference:"libgnat-3.4.6-11.el4_8.1")) flag++;
if (rpm_check(release:"CentOS-4", cpu:"i386", reference:"libgomp-4.1.2-44.EL4_8.1")) flag++;
if (rpm_check(release:"CentOS-4", cpu:"x86_64", reference:"libgomp-4.1.2-44.EL4_8.1")) flag++;
if (rpm_check(release:"CentOS-4", cpu:"i386", reference:"libmudflap-4.1.2-44.EL4_8.1")) flag++;
if (rpm_check(release:"CentOS-4", cpu:"x86_64", reference:"libmudflap-4.1.2-44.EL4_8.1")) flag++;
if (rpm_check(release:"CentOS-4", cpu:"i386", reference:"libmudflap-devel-4.1.2-44.EL4_8.1")) flag++;
if (rpm_check(release:"CentOS-4", cpu:"x86_64", reference:"libmudflap-devel-4.1.2-44.EL4_8.1")) flag++;
if (rpm_check(release:"CentOS-4", cpu:"i386", reference:"libobjc-3.4.6-11.el4_8.1")) flag++;
if (rpm_check(release:"CentOS-4", cpu:"x86_64", reference:"libobjc-3.4.6-11.el4_8.1")) flag++;
if (rpm_check(release:"CentOS-4", cpu:"i386", reference:"libstdc++-3.4.6-11.el4_8.1")) flag++;
if (rpm_check(release:"CentOS-4", cpu:"x86_64", reference:"libstdc++-3.4.6-11.el4_8.1")) flag++;
if (rpm_check(release:"CentOS-4", cpu:"i386", reference:"libstdc++-devel-3.4.6-11.el4_8.1")) flag++;
if (rpm_check(release:"CentOS-4", cpu:"x86_64", reference:"libstdc++-devel-3.4.6-11.el4_8.1")) flag++;

if (rpm_check(release:"CentOS-5", reference:"cpp-4.1.2-46.el5_4.2")) flag++;
if (rpm_check(release:"CentOS-5", reference:"gcc-4.1.2-46.el5_4.2")) flag++;
if (rpm_check(release:"CentOS-5", reference:"gcc-c++-4.1.2-46.el5_4.2")) flag++;
if (rpm_check(release:"CentOS-5", reference:"gcc-gfortran-4.1.2-46.el5_4.2")) flag++;
if (rpm_check(release:"CentOS-5", reference:"gcc-gnat-4.1.2-46.el5_4.2")) flag++;
if (rpm_check(release:"CentOS-5", reference:"gcc-java-4.1.2-46.el5_4.2")) flag++;
if (rpm_check(release:"CentOS-5", reference:"gcc-objc-4.1.2-46.el5_4.2")) flag++;
if (rpm_check(release:"CentOS-5", reference:"gcc-objc++-4.1.2-46.el5_4.2")) flag++;
if (rpm_check(release:"CentOS-5", reference:"libgcc-4.1.2-46.el5_4.2")) flag++;
if (rpm_check(release:"CentOS-5", reference:"libgcj-4.1.2-46.el5_4.2")) flag++;
if (rpm_check(release:"CentOS-5", reference:"libgcj-devel-4.1.2-46.el5_4.2")) flag++;
if (rpm_check(release:"CentOS-5", reference:"libgcj-src-4.1.2-46.el5_4.2")) flag++;
if (rpm_check(release:"CentOS-5", reference:"libgfortran-4.1.2-46.el5_4.2")) flag++;
if (rpm_check(release:"CentOS-5", reference:"libgnat-4.1.2-46.el5_4.2")) flag++;
if (rpm_check(release:"CentOS-5", reference:"libmudflap-4.1.2-46.el5_4.2")) flag++;
if (rpm_check(release:"CentOS-5", reference:"libmudflap-devel-4.1.2-46.el5_4.2")) flag++;
if (rpm_check(release:"CentOS-5", reference:"libobjc-4.1.2-46.el5_4.2")) flag++;
if (rpm_check(release:"CentOS-5", reference:"libstdc++-4.1.2-46.el5_4.2")) flag++;
if (rpm_check(release:"CentOS-5", reference:"libstdc++-devel-4.1.2-46.el5_4.2")) flag++;


if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_WARNING,
    extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "cpp / gcc / gcc-c++ / gcc-g77 / gcc-gfortran / gcc-gnat / gcc-java / etc");
}

Related

openvas 94
nessus 50
fedora 23
cve 1
prion 1
debian 1
freebsd 1
centos 2
oraclelinux 2
redhat 3
seebug 1
nvd 1
ubuntucve 1
osv 1
debiancve 1
cvelist 1
veracode 1
gentoo 2
vmware 2
openvas
openvas
CentOS Update for libtool CESA-2009:1646 centos4 i386
2011-08-09 00:00:00
Fedora Update for mingw32-libltdl FEDORA-2010-2943
2010-03-02 00:00:00
Fedora Core 12 FEDORA-2009-12562 (libtool)
2009-12-30 00:00:00
nessus
nessus
Fedora 15 : q-7.11-10.fc15 (2011-1990)
2011-03-03 00:00:00
Debian DSA-1958-1 : libtool - privilege escalation
2010-02-24 00:00:00
RHEL 5 : gcc44 (Unpatched Vulnerability)
2024-06-03 00:00:00
fedora
fedora
[SECURITY] Fedora 13 Update: esorex-3.7.2-6.fc13
2010-03-10 06:54:45
[SECURITY] Fedora 11 Update: libtool-2.2.6-11.fc11.3
2009-12-22 04:40:01
[SECURITY] Fedora 12 Update: gnu-smalltalk-3.1-8.fc12
2010-03-20 03:33:32
cve
cve
CVE-2009-3736
2009-11-29 13:07:52
prion
prion
Code injection
2009-11-29 13:07:00
debian
debian
[SECURITY] [DSA 1958-1] New libtool packages fix privilege escalation
2009-12-29 17:27:07
freebsd
freebsd
libtool -- Library Search Path Privilege Escalation Issue
2009-11-25 00:00:00
centos
centos
cpp, gcc, gcc4, libf2c, libgcc, libgcj, libgcj4, libgfortran, libgnat, libgomp, libmudflap, libobjc, libstdc++ security update
2010-01-14 12:58:41
libtool security update
2009-12-08 22:18:58
oraclelinux
oraclelinux
libtool security update
2009-12-08 00:00:00
gcc and gcc4 security update
2010-01-13 00:00:00
redhat
redhat
(RHSA-2009:1646) Moderate: libtool security update
2009-12-08 00:00:00
(RHSA-2010:0039) Moderate: gcc and gcc4 security update
2010-01-13 00:00:00
(RHSA-2010:0095) Important: rhev-hypervisor security and bug fix update
2010-02-09 00:00:00
seebug
seebug
GNU Libtool libltdl库搜索路径本地权限提升漏洞
2009-12-02 00:00:00
nvd
nvd
CVE-2009-3736
2009-11-29 13:07:52
ubuntucve
ubuntucve
CVE-2009-3736
2009-11-29 00:00:00
osv
osv
libtool - privilege escalation
2009-12-29 00:00:00
debiancve
debiancve
CVE-2009-3736
2009-11-29 13:07:52
cvelist
cvelist
CVE-2009-3736
2009-11-27 20:00:00
veracode
veracode
Privilege Escalation
2020-04-10 00:41:57
gentoo
gentoo
GraphicsMagick: Multiple vulnerabilities
2013-11-19 00:00:00
Multiple packages, Multiple vulnerabilities fixed in 2010
2014-12-11 00:00:00
vmware
vmware
ESXi utilities and ESX Service Console third party updates
2010-05-27 00:00:00
ESXi utilities and ESX Service Console third party updates
2010-05-27 00:00:00

CVSS2

6.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

EPSS

0

Percentile

10.1%

JSON
Related for CENTOS_RHSA-2010-0039.NASL
openvas94nessus50fedora23cve1prion1debian1freebsd1centos2oraclelinux2redhat3seebug1nvd1ubuntucve1osv1debiancve1cvelist1veracode1gentoo2vmware2