CVE-2009-5029: Integer Overflow
First published: Wed Dec 07 2011(Updated: )
Integer overflow in the __tzfile_read function in glibc before 2.15 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted timezone (TZ) file, as demonstrated using vsftpd.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| GNU glibc | =2.1.2 | |
| GNU glibc | =2.0.5 | |
| GNU glibc | =2.0.6 | |
| GNU glibc | =2.1.1 | |
| GNU glibc | =2.0.3 | |
| GNU glibc | =2.0 | |
| GNU glibc | =2.13 | |
| GNU glibc | =2.1.1.6 | |
| GNU glibc | =2.1 | |
| GNU glibc | =2.1.9 | |
| GNU glibc | =2.0.1 | |
| GNU glibc | =2.0.4 | |
| GNU glibc | =2.0.2 | |
| GNU glibc | =2.1.3 | |
| GNU glibc | <=2.14 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://bugzilla.redhat.com/show_bug.cgi?id=761245
- http://lists.grok.org.uk/pipermail/full-disclosure/2011-December/084452.html
- http://dividead.wordpress.com/2009/06/01/glibc-timezone-integer-overflow/
- http://sourceware.org/ml/libc-alpha/2011-12/msg00037.html
- http://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=97ac2654b2d831acaa18a2b018b0736245903fd2
- http://rcvalle.com/post/14169476482/exploiting-glibc-tzfile-read-integer-overflow-to
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=767696
- http://rcvalle.com/post/14261796328/more-on-exploiting-glibc-tzfile-read-integer-overflow
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=761245#c15
- http://sourceware.org/bugzilla/show_bug.cgi?id=13506
- http://sourceware.org/git/?p=glibc.git;a=commitdiff;h=97ac2654b2d831acaa18a2b018b0736245903fd2
- http://sourceware.org/git/?p=glibc.git;a=commitdiff;h=8fa26d571d4b87a1c7a7f19f1365f7e5d2995933
- https://rhn.redhat.com/errata/RHSA-2012-0058.html
- https://rhn.redhat.com/errata/RHSA-2012-0126.html
- https://rhn.redhat.com/errata/RHSA-2012-0125.html
- collector/nvd-historical
- collector/nvd-index
- agent/type
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/weakness
- agent/last-modified-date
- agent/author
- agent/references
- agent/tags
- agent/description
- agent/event
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2009-5029
- vendor/gnu
- canonical/gnu glibc
- version/gnu glibc/2.1.2
- version/gnu glibc/2.0.5
- version/gnu glibc/2.0.6
- version/gnu glibc/2.1.1
- version/gnu glibc/2.0.3
- version/gnu glibc/2.0
- version/gnu glibc/2.13
- version/gnu glibc/2.1.1.6
- version/gnu glibc/2.1
- version/gnu glibc/2.1.9
- version/gnu glibc/2.0.1
- version/gnu glibc/2.0.4
- version/gnu glibc/2.0.2
- version/gnu glibc/2.1.3
- version/gnu glibc/2.14