Cisco Bug: CSCuo36812 - GNU glibc String Protection Security Bypass Vulnerability

Last Modified

Jan 30, 2020

Products (1)

  • Cisco Intercloud Fabric

Known Affected Releases

3.3

Description (partial)

Symptom:
Cisco Virtual Network Management Center includes a version of the GNU C Library (glibc) that is affected by the
vulnerabilities identified by the following Common Vulnerabilities and Exposures (CVE) IDs:

CVE-2007-3508: Integer overflow in the process_envvars function in elf/rtld.c in glibc before 2.5-rc4 might
allow local users to execute arbitrary code via a large LD_HWCAP_MASK environment variable value. NOTE: the
glibc maintainers state that they do not believe that this issue is exploitable for code
execution. This has been classified by the vendor as having a CVSSv2 score of 7.2 (AV:L/AC:L/Au:N/C:C/I:C/A:C).

Please note that this vulnerability has since been analysed by the maintainers of glibc, and they have
concluded that it is not exploitable. They have nevertheless addressed its root cause.

CVE-2010-2632: Unspecified vulnerability in the FTP Server in Oracle Solaris 8, 9, 10, and 11 Express allows
remote attackers to affect availability. NOTE: the previous information was obtained from the January 2011
CPU. Oracle has not commented on claims from a reliable researcher that this is an issue in the glob
implementation in libc that allows remote authenticated users to cause a denial of service (CPU and memory
consumption) via crafted glob expressions that do not match any pathnames. This has been classified by the
vendor as having a CVSSv2 score of 7.8 (AV:N/AC:L/Au:N/C:N/I:N/A:C).

CVE-2010-3847: elf/dl-load.c in ld.so in the GNU C Library (aka glibc or libc6) through 2.11.2, and 2.12.x
through 2.12.1, does not properly handle a value of $ORIGIN for the LD_AUDIT environment variable, which
allows local users to gain privileges via a crafted dynamic shared object (DSO) located in an arbitrary
directory. This has been classified by the vendor as having a CVSSv2 score of 6.9 (AV:L/AC:M/Au:N/C:C/I:C/A:C).

CVE-2011-1659: Integer overflow in posix/fnmatch.c in the GNU C Library (aka glibc or libc6) 2.13 and earlier
allows context-dependent attackers to cause a denial of service (application crash) via a long UTF8 string
that is used in an fnmatch call with a crafted pattern argument, a different vulnerability than
CVE-2011-1071. This has been classified by the vendor as having a CVSSv2 score of 5.0
(AV:N/AC:L/Au:N/C:N/I:N/A:P).

This bug was opened to address the potential impact on this product.

Conditions:
Running a version of Cisco Virtual Network Management Center prior to this bugfix.