Vulnerability & Exploit Database

Displaying entries 1 - 10 of 17 in total

Results for: CVE-2011-1089

Cent OS: CVE-2011-2503: CESA-2011:1089 (systemtap) Vulnerability

  • Severity: 4
  • Published: July 26, 2012

The insert_module function in runtime/staprun/staprun_funcs.c in the systemtap runtime tool (staprun) in SystemTap before 1.6 does not properly validate a module when loading it, which allows local users to gain privileges via a race condition between the signature validation and the module initialization.

ELSA-2012-0126 Moderate: Oracle Linux glibc security update Vulnerability

  • Severity: 7
  • Published: February 14, 2012

** DISPUTED ** ldd in the GNU C Library (aka glibc or libc6) 2.13 and earlier allows local users to gain privileges via a Trojan horse executable file linked with a modified loader that omits certain LD_TRACE_LOADED_OBJECTS checks. NOTE: the GNU C Library vendor states "This is just nonsense. There are a gazillion other ways to introduc...

ELSA-2012-0125 Moderate: Oracle Linux glibc security and bug fix update Vulnerability

  • Severity: 7
  • Published: February 14, 2012

The encode_name macro in misc/mntent_r.c in the GNU C Library (aka glibc or libc6) 2.11.1 and earlier, as used by ncpmount and mount.cifs, does not properly handle newline characters in mountpoint names, which allows local users to cause a denial of service (mtab corruption), or possibly modify mount options and gain privileges, via a cr...

RHSA-2011:1089: systemtap security update Vulnerability

  • Severity: 4
  • Published: July 25, 2011

SystemTap is an instrumentation system for systems running the Linux kernel. The system allows developers to write scripts to collect data on the operation of the system. A race condition flaw was found in the way the staprun utility performed module loading. A local user who is a member of the stapusr group could use this flaw to modify a si...

VMSA-2012-0018: Update to ESX glibc package (CVE-2011-1089) Vulnerability

  • Severity: 3
  • Published: April 09, 2011

The addmntent function in the GNU C Library (aka glibc or libc6) 2.13 and earlier does not report an error status for failed attempts to write to the /etc/mtab file, which makes it easier for local users to trigger corruption of this file, as demonstrated by writes from a process with a small RLIMIT_FSIZE value, a different vulnerability...

VMSA-2012-0013: Update to ESX service console glibc RPM (CVE-2011-1089) Vulnerability

  • Severity: 3
  • Published: April 09, 2011

The addmntent function in the GNU C Library (aka glibc or libc6) 2.13 and earlier does not report an error status for failed attempts to write to the /etc/mtab file, which makes it easier for local users to trigger corruption of this file, as demonstrated by writes from a process with a small RLIMIT_FSIZE value, a different vulnerability...

SUSE Linux Security Vulnerability: CVE-2011-1089 Vulnerability

  • Severity: 3
  • Published: April 09, 2011

The addmntent function in the GNU C Library (aka glibc or libc6) 2.13 and earlier does not report an error status for failed attempts to write to the /etc/mtab file, which makes it easier for local users to trigger corruption of this file, as demonstrated by writes from a process with a small RLIMIT_FSIZE value, a different vulnerability...

Gentoo Linux: CVE-2011-1089: GNU C Library: Multiple vulnerabilities Vulnerability

  • Severity: 3
  • Published: April 09, 2011

The addmntent function in the GNU C Library (aka glibc or libc6) 2.13 and earlier does not report an error status for failed attempts to write to the /etc/mtab file, which makes it easier for local users to trigger corruption of this file, as demonstrated by writes from a process with a small RLIMIT_FSIZE value, a different vulnerability...

Cent OS: CVE-2011-1089: CESA-2012:0126 (glibc) Vulnerability

  • Severity: 3
  • Published: April 09, 2011

The addmntent function in the GNU C Library (aka glibc or libc6) 2.13 and earlier does not report an error status for failed attempts to write to the /etc/mtab file, which makes it easier for local users to trigger corruption of this file, as demonstrated by writes from a process with a small RLIMIT_FSIZE value, a different vulnerability...

RHSA-2012:0126: glibc security update Vulnerability

  • Severity: 7
  • Published: March 30, 2011

The glibc packages contain the standard C libraries used by multiple programs on the system. These packages contain the standard C and the standard math libraries. Without these two libraries, a Linux system cannot function properly. An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way the glibc library read...