CVE-2011-0532
First published: Tue Jan 25 2011(Updated: )
It was discovered that 398 / Red Hat Directory Server set LD_LIBRARY_PATH environment variable to insecure value containing empty path elements in various shell scripts used by DS (e.g. various backup/restore scripts instantiated for each DS instance, as well as the main initialization script). Such LD_LIBRARY_PATH setting causes ld.so dynamic linker to perform library search relative to the current working directory before searching system library directories. A local attacker able to trick a user running those scripts (usually the root user) to run them while working from an attacker writeable directory could use this flaw to escalate their privileges via specially crated dynamic library.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Fedoraproject 389 Directory Server | =1.2.5-rc4 | |
| Fedoraproject 389 Directory Server | =1.2.3 | |
| Fedoraproject 389 Directory Server | =1.2.5-rc1 | |
| Fedoraproject 389 Directory Server | =1.2.6-rc3 | |
| Fedoraproject 389 Directory Server | =1.2.6-a3 | |
| Fedoraproject 389 Directory Server | =1.2.6-rc1 | |
| Fedoraproject 389 Directory Server | =1.2.7.5 | |
| Fedoraproject 389 Directory Server | =1.2.1 | |
| Fedoraproject 389 Directory Server | =1.2.2 | |
| Fedoraproject 389 Directory Server | =1.2.5 | |
| Fedoraproject 389 Directory Server | =1.2.8-alpha2 | |
| Fedoraproject 389 Directory Server | =1.2.6-rc6 | |
| Fedoraproject 389 Directory Server | =1.2.6.1 | |
| Fedoraproject 389 Directory Server | =1.2.5-rc3 | |
| Fedoraproject 389 Directory Server | =1.2.6-a4 | |
| Fedoraproject 389 Directory Server | =1.2.5-rc2 | |
| Fedoraproject 389 Directory Server | =1.2.8-alpha1 | |
| Fedoraproject 389 Directory Server | =1.2.6-rc2 | |
| Fedoraproject 389 Directory Server | =1.2.6-a2 | |
| Fedoraproject 389 Directory Server | =1.2.6 | |
| Fedoraproject 389 Directory Server | =1.2.6-rc7 | |
| Fedoraproject 389 Directory Server | =1.2.7-alpha3 | |
| Redhat Directory Server | =8.2 | |
| Redhat Directory Server | =8.2.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-historical
- collector/nvd-index
- agent/softwarecombine
- agent/first-publish-date
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/severity
- agent/author
- agent/last-modified-date
- agent/references
- agent/tags
- agent/description
- agent/event
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2011-0532
- vendor/fedoraproject
- canonical/fedoraproject 389 directory server
- version/fedoraproject 389 directory server/1.2.5-rc4
- version/fedoraproject 389 directory server/1.2.3
- version/fedoraproject 389 directory server/1.2.5-rc1
- version/fedoraproject 389 directory server/1.2.6-rc3
- version/fedoraproject 389 directory server/1.2.6-a3
- version/fedoraproject 389 directory server/1.2.6-rc1
- version/fedoraproject 389 directory server/1.2.7.5
- version/fedoraproject 389 directory server/1.2.1
- version/fedoraproject 389 directory server/1.2.2
- version/fedoraproject 389 directory server/1.2.5
- version/fedoraproject 389 directory server/1.2.8-alpha2
- version/fedoraproject 389 directory server/1.2.6-rc6
- version/fedoraproject 389 directory server/1.2.6.1
- version/fedoraproject 389 directory server/1.2.5-rc3
- version/fedoraproject 389 directory server/1.2.6-a4
- version/fedoraproject 389 directory server/1.2.5-rc2
- version/fedoraproject 389 directory server/1.2.8-alpha1
- version/fedoraproject 389 directory server/1.2.6-rc2
- version/fedoraproject 389 directory server/1.2.6-a2
- version/fedoraproject 389 directory server/1.2.6
- version/fedoraproject 389 directory server/1.2.6-rc7
- version/fedoraproject 389 directory server/1.2.7-alpha3
- vendor/redhat
- canonical/redhat directory server
- version/redhat directory server/8.2
- version/redhat directory server/8.2.3