MDKSA-2001:012
- Package name: glibc
- Date: 2001-01-18
- Advisory ID: MDKSA-2001:012
- Affected versions: CS1.0 i586, 6.1 i586, 6.0 i586, 7.0 i586, 7.1 i586, 7.2 i586
Problem description
For SUID/SGID applications, the GNU C Library still honours the LD_PRELOAD variable (and removes it from the environment afterwards) as long as its value contains no '/' characters. A special check then preloads a library that was found only if it has the SUID bit set. However, this check was not performed when the library was found through /etc/ld.so.cache. As a result, a malicious user could preload a library located in /lib or /usr/lib ahead of SUID/SGID applications and create or overwrite a file that he would not normally be permitted to. In addition, LD_PROFILE output from SUID programs was written to /var/tmp, leaving it vulnerable to various link attacks.
Updated packages
CS1.0 i586
- 05f0ef4d07e638706262ff606518aedd 1.0.1/RPMS/glibc-2.1.3-18.1mdk.i586.rpm
- 8681ffba3948fdc1e3fa2ecbf1eab54d 1.0.1/RPMS/glibc-devel-2.1.3-18.1mdk.i586.rpm
- 3f5316876c80c318cb39c68294412239 1.0.1/RPMS/glibc-profile-2.1.3-18.1mdk.i586.rpm
- f68106cdfb899877f9984c1b9aabed70 1.0.1/SRPMS/glibc-2.1.3-18.1mdk.src.rpm
6.1 i586
- 40c5a62fe717337c78b89162e706b204 6.1/RPMS/glibc-2.1.3-18.2mdk.i586.rpm
- 853008b0e720f9ae4cee919edb9b299f 6.1/RPMS/glibc-devel-2.1.3-18.2mdk.i586.rpm
- 395f5b6ce2ac5a9d712112d5c025d037 6.1/RPMS/glibc-profile-2.1.3-18.2mdk.i586.rpm
- 96d42b788a258f9d89974abb16646489 6.1/SRPMS/glibc-2.1.3-18.2mdk.src.rpm
6.0 i586
- 40c5a62fe717337c78b89162e706b204 6.0/RPMS/glibc-2.1.3-18.2mdk.i586.rpm
- 853008b0e720f9ae4cee919edb9b299f 6.0/RPMS/glibc-devel-2.1.3-18.2mdk.i586.rpm
- 395f5b6ce2ac5a9d712112d5c025d037 6.0/RPMS/glibc-profile-2.1.3-18.2mdk.i586.rpm
- 96d42b788a258f9d89974abb16646489 6.0/SRPMS/glibc-2.1.3-18.2mdk.src.rpm
7.0 i586
- 40c5a62fe717337c78b89162e706b204 7.0/RPMS/glibc-2.1.3-18.2mdk.i586.rpm
- 853008b0e720f9ae4cee919edb9b299f 7.0/RPMS/glibc-devel-2.1.3-18.2mdk.i586.rpm
- 395f5b6ce2ac5a9d712112d5c025d037 7.0/RPMS/glibc-profile-2.1.3-18.2mdk.i586.rpm
- 96d42b788a258f9d89974abb16646489 7.0/SRPMS/glibc-2.1.3-18.2mdk.src.rpm
7.1 i586
- 05f0ef4d07e638706262ff606518aedd 7.1/RPMS/glibc-2.1.3-18.1mdk.i586.rpm
- 8681ffba3948fdc1e3fa2ecbf1eab54d 7.1/RPMS/glibc-devel-2.1.3-18.1mdk.i586.rpm
- 3f5316876c80c318cb39c68294412239 7.1/RPMS/glibc-profile-2.1.3-18.1mdk.i586.rpm
- f68106cdfb899877f9984c1b9aabed70 7.1/SRPMS/glibc-2.1.3-18.1mdk.src.rpm
7.2 i586
- 4720a8d7f0c973a3eec8a7539766b590 7.2/RPMS/glibc-2.1.3-18.3mdk.i586.rpm
- fcdbafc369120fb5a81566fd3cdabe03 7.2/RPMS/glibc-devel-2.1.3-18.3mdk.i586.rpm
- df76db4b226004082bbc0eb4d1034e87 7.2/RPMS/glibc-profile-2.1.3-18.3mdk.i586.rpm
- 09c064f52f8b1e0ac28fa30fa171dd7c 7.2/SRPMS/glibc-2.1.3-18.3mdk.src.rpm
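
The package names above give the fixed glibc version-release for each product. As an added example (not part of the original advisory), the following Python check compares an installed version-release string against that table using the basic rpm segment ordering. The function names are hypothetical, epochs and '~' are ignored, and the sample inputs are constructed.

```python
import re

# Fixed glibc version-release per product, read from the package
# names listed in this advisory.
FIXED = {
    "CS1.0": "2.1.3-18.1mdk",
    "6.0": "2.1.3-18.2mdk",
    "6.1": "2.1.3-18.2mdk",
    "7.0": "2.1.3-18.2mdk",
    "7.1": "2.1.3-18.1mdk",
    "7.2": "2.1.3-18.3mdk",
}


def _segments(s):
    # rpm compares maximal runs of digits or letters; separators are dropped.
    return re.findall(r"\d+|[A-Za-z]+", s)


def rpm_cmp(a, b):
    """Return -1, 0 or 1 using the basic rpm ordering (no '~' or '^')."""
    sa, sb = _segments(a), _segments(b)
    for x, y in zip(sa, sb):
        if x.isdigit() and y.isdigit():
            x, y = int(x), int(y)
        elif x.isdigit() != y.isdigit():
            # A numeric segment is newer than an alphabetic one.
            return 1 if x.isdigit() else -1
        if x != y:
            return 1 if x > y else -1
    # All shared segments equal: the string with segments left over is newer.
    return (len(sa) > len(sb)) - (len(sa) < len(sb))


def at_least_fixed(product, installed):
    # installed is VERSION-RELEASE, for example the output of:
    #   rpm -q --qf '%{VERSION}-%{RELEASE}' glibc
    fixed_ver, fixed_rel = FIXED[product].split("-", 1)
    ver, rel = installed.split("-", 1)
    by_version = rpm_cmp(ver, fixed_ver)
    if by_version != 0:
        return by_version > 0
    return rpm_cmp(rel, fixed_rel) >= 0


if __name__ == "__main__":
    # Constructed sample inputs, not taken from a real host.
    for product, vr in [("7.2", "2.1.3-16mdk"), ("7.2", "2.1.3-18.3mdk")]:
        state = "ok" if at_least_fixed(product, vr) else "UPDATE NEEDED"
        print(product, vr, state)
```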
