CVE-2011-0536

Name of the Vulnerable Software and Affected Versions glibc versions prior to 2.15-r3 GNU C Library (glibc) versions 2.5-49.el5 5.6 GNU C Library (glibc) versions 2.12-1.7.el6 0.3

Description The issue concerns multiple vulnerabilities in the glibc package, which can lead to breaches of confidentiality, integrity, and availability of protected information. Exploitation can occur locally. Specifically, untrusted search path vulnerabilities in certain modified versions of glibc allow local users to gain privileges via a crafted dynamic shared object in a subdirectory of the current working directory during execution of a setuid or setgid program.

Recommendations For glibc versions prior to 2.15-r3, update to version 2.15-r3 or later to resolve the issue. For GNU C Library (glibc) versions 2.5-49.el5 5.6 and 2.12-1.7.el6 0.3, consider disabling the setuid and setgid programs that have $ORIGIN in RPATH or RUNPATH until a patch is available. As a temporary workaround, restrict access to subdirectories of the current working directory to minimize the risk of exploitation.