Lucene search
This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.SL_20100113_GCC_AND_GCC4_ON_SL3_X.NASLHistoryAug 01, 2012 - 12:00 a.m.
Scientific Linux Security Update : gcc and gcc4 on SL3.x, SL4.x, SL5.x i386/x86_64
2012-08-0100:00:00
This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
28
CVSS2
6.9
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
EPSS
0
Percentile
10.1%
CVE-2009-3736 libtool: libltdl may load and execute code from a library in the current directory
A flaw was found in the way GNU Libtoolβs libltdl library looked for libraries to load. It was possible for libltdl to load a malicious library from the current working directory. In certain configurations, if a local attacker is able to trick a local user into running a Java application (which uses a function to load native libraries, such as System.loadLibrary) from within an attacker-controlled directory containing a malicious library or module, the attacker could possibly execute arbitrary code with the privileges of the user running the Java application. (CVE-2009-3736)
All running Java applications using libgcj must be restarted for this update to take effect.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text is (C) Scientific Linux.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(60722);
script_version("1.6");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");
script_cve_id("CVE-2009-3736");
script_name(english:"Scientific Linux Security Update : gcc and gcc4 on SL3.x, SL4.x, SL5.x i386/x86_64");
script_summary(english:"Checks rpm output for the updated packages");
script_set_attribute(
attribute:"synopsis",
value:
"The remote Scientific Linux host is missing one or more security
updates."
);
script_set_attribute(
attribute:"description",
value:
"CVE-2009-3736 libtool: libltdl may load and execute code from a
library in the current directory
A flaw was found in the way GNU Libtool's libltdl library looked for
libraries to load. It was possible for libltdl to load a malicious
library from the current working directory. In certain configurations,
if a local attacker is able to trick a local user into running a Java
application (which uses a function to load native libraries, such as
System.loadLibrary) from within an attacker-controlled directory
containing a malicious library or module, the attacker could possibly
execute arbitrary code with the privileges of the user running the
Java application. (CVE-2009-3736)
All running Java applications using libgcj must be restarted for this
update to take effect."
);
# https://listserv.fnal.gov/scripts/wa.exe?A2=ind1001&L=scientific-linux-errata&T=0&P=2048
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?be3dac8d"
);
script_set_attribute(attribute:"solution", value:"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux");
script_set_attribute(attribute:"patch_publication_date", value:"2010/01/13");
script_set_attribute(attribute:"plugin_publication_date", value:"2012/08/01");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Scientific Linux Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux");
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu);
flag = 0;
if (rpm_check(release:"SL3", reference:"cpp-3.2.3-60")) flag++;
if (rpm_check(release:"SL3", reference:"gcc-3.2.3-60")) flag++;
if (rpm_check(release:"SL3", reference:"gcc-c++-3.2.3-60")) flag++;
if (rpm_check(release:"SL3", reference:"gcc-g77-3.2.3-60")) flag++;
if (rpm_check(release:"SL3", reference:"gcc-gnat-3.2.3-60")) flag++;
if (rpm_check(release:"SL3", reference:"gcc-java-3.2.3-60")) flag++;
if (rpm_check(release:"SL3", reference:"gcc-objc-3.2.3-60")) flag++;
if (rpm_check(release:"SL3", reference:"libf2c-3.2.3-60")) flag++;
if (rpm_check(release:"SL3", reference:"libgcc-3.2.3-60")) flag++;
if (rpm_check(release:"SL3", reference:"libgcj-3.2.3-60")) flag++;
if (rpm_check(release:"SL3", reference:"libgcj-devel-3.2.3-60")) flag++;
if (rpm_check(release:"SL3", reference:"libgnat-3.2.3-60")) flag++;
if (rpm_check(release:"SL3", reference:"libobjc-3.2.3-60")) flag++;
if (rpm_check(release:"SL3", reference:"libstdc++-3.2.3-60")) flag++;
if (rpm_check(release:"SL3", reference:"libstdc++-devel-3.2.3-60")) flag++;
if (rpm_check(release:"SL4", reference:"cpp-3.4.6-11.el4_8.1")) flag++;
if (rpm_check(release:"SL4", reference:"gcc-3.4.6-11.el4_8.1")) flag++;
if (rpm_check(release:"SL4", reference:"gcc-c++-3.4.6-11.el4_8.1")) flag++;
if (rpm_check(release:"SL4", reference:"gcc-g77-3.4.6-11.el4_8.1")) flag++;
if (rpm_check(release:"SL4", reference:"gcc-gnat-3.4.6-11.el4_8.1")) flag++;
if (rpm_check(release:"SL4", reference:"gcc-java-3.4.6-11.el4_8.1")) flag++;
if (rpm_check(release:"SL4", reference:"gcc-objc-3.4.6-11.el4_8.1")) flag++;
if (rpm_check(release:"SL4", reference:"gcc4-4.1.2-44.EL4_8.1")) flag++;
if (rpm_check(release:"SL4", reference:"gcc4-c++-4.1.2-44.EL4_8.1")) flag++;
if (rpm_check(release:"SL4", reference:"gcc4-gfortran-4.1.2-44.EL4_8.1")) flag++;
if (rpm_check(release:"SL4", reference:"gcc4-java-4.1.2-44.EL4_8.1")) flag++;
if (rpm_check(release:"SL4", reference:"libf2c-3.4.6-11.el4_8.1")) flag++;
if (rpm_check(release:"SL4", reference:"libgcc-3.4.6-11.el4_8.1")) flag++;
if (rpm_check(release:"SL4", reference:"libgcj-3.4.6-11.el4_8.1")) flag++;
if (rpm_check(release:"SL4", reference:"libgcj-devel-3.4.6-11.el4_8.1")) flag++;
if (rpm_check(release:"SL4", reference:"libgcj4-4.1.2-44.EL4_8.1")) flag++;
if (rpm_check(release:"SL4", reference:"libgcj4-devel-4.1.2-44.EL4_8.1")) flag++;
if (rpm_check(release:"SL4", reference:"libgcj4-src-4.1.2-44.EL4_8.1")) flag++;
if (rpm_check(release:"SL4", reference:"libgfortran-4.1.2-44.EL4_8.1")) flag++;
if (rpm_check(release:"SL4", reference:"libgnat-3.4.6-11.el4_8.1")) flag++;
if (rpm_check(release:"SL4", reference:"libgomp-4.1.2-44.EL4_8.1")) flag++;
if (rpm_check(release:"SL4", reference:"libmudflap-4.1.2-44.EL4_8.1")) flag++;
if (rpm_check(release:"SL4", reference:"libmudflap-devel-4.1.2-44.EL4_8.1")) flag++;
if (rpm_check(release:"SL4", reference:"libobjc-3.4.6-11.el4_8.1")) flag++;
if (rpm_check(release:"SL4", reference:"libstdc++-3.4.6-11.el4_8.1")) flag++;
if (rpm_check(release:"SL4", reference:"libstdc++-devel-3.4.6-11.el4_8.1")) flag++;
if (rpm_check(release:"SL5", reference:"cpp-4.1.2-46.el5_4.2")) flag++;
if (rpm_check(release:"SL5", reference:"gcc-4.1.2-46.el5_4.2")) flag++;
if (rpm_check(release:"SL5", reference:"gcc-c++-4.1.2-46.el5_4.2")) flag++;
if (rpm_check(release:"SL5", reference:"gcc-gfortran-4.1.2-46.el5_4.2")) flag++;
if (rpm_check(release:"SL5", reference:"gcc-gnat-4.1.2-46.el5_4.2")) flag++;
if (rpm_check(release:"SL5", reference:"gcc-java-4.1.2-46.el5_4.2")) flag++;
if (rpm_check(release:"SL5", reference:"gcc-objc-4.1.2-46.el5_4.2")) flag++;
if (rpm_check(release:"SL5", reference:"gcc-objc++-4.1.2-46.el5_4.2")) flag++;
if (rpm_check(release:"SL5", reference:"libgcc-4.1.2-46.el5_4.2")) flag++;
if (rpm_check(release:"SL5", reference:"libgcj-4.1.2-46.el5_4.2")) flag++;
if (rpm_check(release:"SL5", reference:"libgcj-devel-4.1.2-46.el5_4.2")) flag++;
if (rpm_check(release:"SL5", reference:"libgcj-src-4.1.2-46.el5_4.2")) flag++;
if (rpm_check(release:"SL5", reference:"libgfortran-4.1.2-46.el5_4.2")) flag++;
if (rpm_check(release:"SL5", reference:"libgnat-4.1.2-46.el5_4.2")) flag++;
if (rpm_check(release:"SL5", reference:"libmudflap-4.1.2-46.el5_4.2")) flag++;
if (rpm_check(release:"SL5", reference:"libmudflap-devel-4.1.2-46.el5_4.2")) flag++;
if (rpm_check(release:"SL5", reference:"libobjc-4.1.2-46.el5_4.2")) flag++;
if (rpm_check(release:"SL5", reference:"libstdc++-4.1.2-46.el5_4.2")) flag++;
if (rpm_check(release:"SL5", reference:"libstdc++-devel-4.1.2-46.el5_4.2")) flag++;
if (flag)
{
if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
else security_warning(0);
exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
| Vendor | Product | Version | CPE |
|---|---|---|---|
| fermilab | scientific_linux | x-cpe:/o:fermilab:scientific_linux |
Related
openvas
openvas
CentOS Update for libtool CESA-2009:1646 centos4 i386
2011-08-09 00:00:00
Fedora Update for mingw32-libltdl FEDORA-2010-2943
2010-03-02 00:00:00
Fedora Core 12 FEDORA-2009-12562 (libtool)
2009-12-30 00:00:00
nessus
nessus
Fedora 15 : q-7.11-10.fc15 (2011-1990)
2011-03-03 00:00:00
Debian DSA-1958-1 : libtool - privilege escalation
2010-02-24 00:00:00
SuSE 11 Security Update : libtool (SAT Patch Number 1626)
2010-01-05 00:00:00
prion
prion
Code injection
2009-11-29 13:07:00
fedora
fedora
[SECURITY] Fedora 13 Update: esorex-3.7.2-6.fc13
2010-03-10 06:54:45
[SECURITY] Fedora 11 Update: libtool-2.2.6-11.fc11.3
2009-12-22 04:40:01
[SECURITY] Fedora 12 Update: gnu-smalltalk-3.1-8.fc12
2010-03-20 03:33:32
debian
debian
[SECURITY] [DSA 1958-1] New libtool packages fix privilege escalation
2009-12-29 17:27:07
freebsd
freebsd
libtool -- Library Search Path Privilege Escalation Issue
2009-11-25 00:00:00
cve
cve
CVE-2009-3736
2009-11-29 13:07:52
ubuntucve
ubuntucve
CVE-2009-3736
2009-11-29 00:00:00
veracode
veracode
Privilege Escalation
2020-04-10 00:41:57
osv
osv
libtool - privilege escalation
2009-12-29 00:00:00
cvelist
cvelist
CVE-2009-3736
2009-11-27 20:00:00
debiancve
debiancve
CVE-2009-3736
2009-11-29 13:07:52
redhat
redhat
(RHSA-2010:0039) Moderate: gcc and gcc4 security update
2010-01-13 00:00:00
(RHSA-2009:1646) Moderate: libtool security update
2009-12-08 00:00:00
(RHSA-2010:0095) Important: rhev-hypervisor security and bug fix update
2010-02-09 00:00:00
centos
centos
cpp, gcc, gcc4, libf2c, libgcc, libgcj, libgcj4, libgfortran, libgnat, libgomp, libmudflap, libobjc, libstdc++ security update
2010-01-14 12:58:41
libtool security update
2009-12-08 22:18:58
oraclelinux
oraclelinux
libtool security update
2009-12-08 00:00:00
gcc and gcc4 security update
2010-01-13 00:00:00
nvd
nvd
CVE-2009-3736
2009-11-29 13:07:52
seebug
seebug
GNU Libtool libltdlεΊζη΄’θ·―εΎζ¬ε°ζιζεζΌζ΄
2009-12-02 00:00:00
gentoo
gentoo
GraphicsMagick: Multiple vulnerabilities
2013-11-19 00:00:00
Multiple packages, Multiple vulnerabilities fixed in 2010
2014-12-11 00:00:00
vmware
vmware
ESXi utilities and ESX Service Console third party updates
2010-05-27 00:00:00
ESXi utilities and ESX Service Console third party updates
2010-05-27 00:00:00
CVSS2
6.9
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
EPSS
0
Percentile
10.1%
Related for SL_20100113_GCC_AND_GCC4_ON_SL3_X.NASL