CVE-2017-1000366: Buffer Overflow
First published: Fri May 19 2017(Updated: )
glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH values to manipulate the heap/stack, causing them to alias, potentially resulting in arbitrary code execution. Please note that additional hardening changes have been made to glibc to prevent manipulation of stack and heap memory but these issues are not directly exploitable, as such they have not been given a CVE. This affects glibc 2.25 and earlier.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Redhat Enterprise Linux | =5 | |
| Redhat Enterprise Linux | =6.0 | |
| Redhat Enterprise Linux | =7.0 | |
| Redhat Enterprise Linux Desktop | =6.0 | |
| Redhat Enterprise Linux Desktop | =7.0 | |
| Redhat Enterprise Linux Server | =6.0 | |
| Redhat Enterprise Linux Server | =6.6 | |
| Redhat Enterprise Linux Server | =7.0 | |
| Redhat Enterprise Linux Server Aus | =5.9 | |
| Redhat Enterprise Linux Server Aus | =6.2 | |
| Redhat Enterprise Linux Server Aus | =6.4 | |
| Redhat Enterprise Linux Server Aus | =6.5 | |
| Redhat Enterprise Linux Server Aus | =6.6 | |
| Redhat Enterprise Linux Server Aus | =7.2 | |
| Redhat Enterprise Linux Server Aus | =7.3 | |
| Redhat Enterprise Linux Server Aus | =7.4 | |
| Redhat Enterprise Linux Server Aus | =7.6 | |
| Redhat Enterprise Linux Server Eus | =6.2 | |
| Redhat Enterprise Linux Server Eus | =6.5 | |
| Redhat Enterprise Linux Server Eus | =6.7 | |
| Redhat Enterprise Linux Server Eus | =7.2 | |
| Redhat Enterprise Linux Server Eus | =7.3 | |
| Redhat Enterprise Linux Server Eus | =7.4 | |
| Redhat Enterprise Linux Server Eus | =7.5 | |
| Redhat Enterprise Linux Server Eus | =7.6 | |
| Redhat Enterprise Linux Server Long Life | =5.9 | |
| Redhat Enterprise Linux Server Tus | =6.5 | |
| Redhat Enterprise Linux Server Tus | =6.6 | |
| Redhat Enterprise Linux Server Tus | =7.2 | |
| Redhat Enterprise Linux Server Tus | =7.3 | |
| Redhat Enterprise Linux Server Tus | =7.6 | |
| Redhat Enterprise Linux Workstation | =6.0 | |
| Redhat Enterprise Linux Workstation | =7.0 | |
| Openstack Cloud Magnum Orchestration | =7 | |
| Novell Suse Linux Enterprise Desktop | =12.0-sp2 | |
| Novell Suse Linux Enterprise Point Of Sale | =11.0-sp3 | |
| Novell Suse Linux Enterprise Server | =11.0-sp3 | |
| openSUSE Leap | =42.2 | |
| Suse Linux Enterprise For Sap | =12-sp1 | |
| SUSE Linux Enterprise Server | =10-sp4 | |
| SUSE Linux Enterprise Server | =11-sp4 | |
| SUSE Linux Enterprise Server | =12-sp1 | |
| SUSE Linux Enterprise Server | =12-sp2 | |
| SUSE Linux Enterprise Server | =12-sp2 | |
| Suse Linux Enterprise Server For Raspberry Pi | =12-sp2 | |
| SUSE Linux Enterprise Software Development Kit | =11.0-sp4 | |
| SUSE Linux Enterprise Software Development Kit | =12.0-sp2 | |
| GNU glibc | <=2.25 | |
| Debian Debian Linux | =8.0 | |
| Debian Debian Linux | =9.0 | |
| McAfee Web Gateway | <=7.6.2.14 | |
| McAfee Web Gateway | >=7.7.0.0<=7.7.2.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html
- http://seclists.org/fulldisclosure/2019/Sep/7
- http://www.debian.org/security/2017/dsa-3887
- http://www.securityfocus.com/bid/99127
- http://www.securitytracker.com/id/1038712
- https://access.redhat.com/errata/RHSA-2017:1479
- https://access.redhat.com/errata/RHSA-2017:1480
- https://access.redhat.com/errata/RHSA-2017:1481
- https://access.redhat.com/errata/RHSA-2017:1567
- https://access.redhat.com/errata/RHSA-2017:1712
- https://access.redhat.com/security/cve/CVE-2017-1000366
- https://kc.mcafee.com/corporate/index?page=content&id=SB10205
- https://seclists.org/bugtraq/2019/Sep/7
- https://security.gentoo.org/glsa/201706-19
- https://www.exploit-db.com/exploits/42274/
- https://www.exploit-db.com/exploits/42275/
- https://www.exploit-db.com/exploits/42276/
- https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
- https://www.suse.com/security/cve/CVE-2017-1000366/
- https://www.suse.com/support/kb/doc/?id=7020973
- agent/type
- agent/softwarecombine
- agent/first-publish-date
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2017-1000366
- agent/last-modified-date
- agent/references
- agent/severity
- agent/weakness
- agent/remedy
- agent/author
- agent/description
- agent/event
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/redhat
- canonical/redhat enterprise linux
- version/redhat enterprise linux/5
- version/redhat enterprise linux/6.0
- version/redhat enterprise linux/7.0
- canonical/redhat enterprise linux desktop
- version/redhat enterprise linux desktop/6.0
- version/redhat enterprise linux desktop/7.0
- canonical/redhat enterprise linux server
- version/redhat enterprise linux server/6.0
- version/redhat enterprise linux server/6.6
- version/redhat enterprise linux server/7.0
- canonical/redhat enterprise linux server aus
- version/redhat enterprise linux server aus/5.9
- version/redhat enterprise linux server aus/6.2
- version/redhat enterprise linux server aus/6.4
- version/redhat enterprise linux server aus/6.5
- version/redhat enterprise linux server aus/6.6
- version/redhat enterprise linux server aus/7.2
- version/redhat enterprise linux server aus/7.3
- version/redhat enterprise linux server aus/7.4
- version/redhat enterprise linux server aus/7.6
- canonical/redhat enterprise linux server eus
- version/redhat enterprise linux server eus/6.2
- version/redhat enterprise linux server eus/6.5
- version/redhat enterprise linux server eus/6.7
- version/redhat enterprise linux server eus/7.2
- version/redhat enterprise linux server eus/7.3
- version/redhat enterprise linux server eus/7.4
- version/redhat enterprise linux server eus/7.5
- version/redhat enterprise linux server eus/7.6
- canonical/redhat enterprise linux server long life
- version/redhat enterprise linux server long life/5.9
- canonical/redhat enterprise linux server tus
- version/redhat enterprise linux server tus/6.5
- version/redhat enterprise linux server tus/6.6
- version/redhat enterprise linux server tus/7.2
- version/redhat enterprise linux server tus/7.3
- version/redhat enterprise linux server tus/7.6
- canonical/redhat enterprise linux workstation
- version/redhat enterprise linux workstation/6.0
- version/redhat enterprise linux workstation/7.0
- vendor/openstack
- canonical/openstack cloud magnum orchestration
- version/openstack cloud magnum orchestration/7
- vendor/novell
- canonical/novell suse linux enterprise desktop
- version/novell suse linux enterprise desktop/12.0-sp2
- canonical/novell suse linux enterprise point of sale
- version/novell suse linux enterprise point of sale/11.0-sp3
- canonical/novell suse linux enterprise server
- version/novell suse linux enterprise server/11.0-sp3
- vendor/opensuse
- canonical/opensuse leap
- version/opensuse leap/42.2
- vendor/suse
- canonical/suse linux enterprise for sap
- version/suse linux enterprise for sap/12-sp1
- canonical/suse linux enterprise server
- version/suse linux enterprise server/10-sp4
- version/suse linux enterprise server/11-sp4
- version/suse linux enterprise server/12-sp1
- version/suse linux enterprise server/12-sp2
- canonical/suse linux enterprise server for raspberry pi
- version/suse linux enterprise server for raspberry pi/12-sp2
- canonical/suse linux enterprise software development kit
- version/suse linux enterprise software development kit/11.0-sp4
- version/suse linux enterprise software development kit/12.0-sp2
- vendor/gnu
- canonical/gnu glibc
- version/gnu glibc/2.25
- vendor/debian
- canonical/debian debian linux
- version/debian debian linux/8.0
- version/debian debian linux/9.0
- vendor/mcafee
- canonical/mcafee web gateway
- version/mcafee web gateway/7.6.2.14
- version/mcafee web gateway/7.7.0.0
- version/mcafee web gateway/7.7.2.2