Cisco Bug: CSCuo36812 - GNU glibc String Protection Security Bypass Vulnerability
Jan 30, 2020
- Cisco Intercloud Fabric
Known Affected Releases
Symptom: Cisco Virtual Network Management Center includes a version of the GNU C Library (glibc) that is affected by the vulnerabilities identified by the following Common Vulnerabilities and Exposures (CVE) IDs:
CVE-2007-3508: Integer overflow in the process_envvars function in elf/rtld.c in glibc before 2.5-rc4 might allow local users to execute arbitrary code via a large LD_HWCAP_MASK environment variable value. NOTE: the glibc maintainers state that they do not believe that this issue is exploitable for code execution. This has been classified by the vendor as having a CVSSv2 score of 7.2 (AV:L/AC:L/AU:N/C:C/I:C/A:C). Please note that this vulnerability has since been analysed by the maintainers of glibc, who concluded that it is not exploitable. They have nevertheless addressed the root cause.
CVE-2010-2632: Unspecified vulnerability in the FTP Server in Oracle Solaris 8, 9, 10, and 11 Express allows remote attackers to affect availability. NOTE: the previous information was obtained from the January 2011 CPU. Oracle has not commented on claims from a reliable researcher that this is an issue in the glob implementation in libc that allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames. This has been classified by the vendor as having a CVSSv2 score of 7.8 (AV:N/AC:L/AU:N/C:N/I:N/A:C).
CVE-2010-3847: elf/dl-load.c in ld.so in the GNU C Library (aka glibc or libc6) through 2.11.2, and 2.12.x through 2.12.1, does not properly handle a value of $ORIGIN for the LD_AUDIT environment variable, which allows local users to gain privileges via a crafted dynamic shared object (DSO) located in an arbitrary directory. This has been classified by the vendor as having a CVSSv2 score of 6.9 (AV:L/AC:M/AU:N/C:C/I:C/A:C).
CVE-2011-1659: Integer overflow in posix/fnmatch.c in the GNU C Library (aka glibc or libc6) 2.13 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a long UTF8 string that is used in an fnmatch call with a crafted pattern argument, a different vulnerability than CVE-2011-1071. This has been classified by the vendor as having a CVSSv2 score of 5.0 (AV:N/AC:L/AU:N/C:N/I:N/A:P).
This bug was opened to address the potential impact on this product.
Conditions: Running a version of Cisco Virtual Network Management Center prior to this bugfix.