Conectiva Linux Security Announcement - glibc | Linux Today

Conectiva Linux Security Announcement – glibc

Written By
Web Webster
Web Webster
Sep 4, 2000
Date: Sat, 2 Sep 2000 13:25:26 -0300
From: secure@CONECTIVA.COM.BR
To: BUGTRAQ@SECURITYFOCUS.COM
Subject: Conectiva Linux Security Announcement - glibc

-----------------------------------------------------------------------
CONECTIVA LINUX SECURITY ANNOUNCEMENT
-----------------------------------------------------------------------

PACKAGE   : glibc
SUMMARY   : Glibc local root exploit
DATE      : 2000-09-02 13:24:00
RELEVANT
RELEASES  : 4.0, 4.0es, 4.1, 4.2, 5.0, prg gr=E1ficos, ecommerce, 5.1

----------------------------------------------------------------------

DESCRIPTION
 Several problems have been found in the glibc code that allow a local
 attacker to obtain root privileges.

 1. The ld.so dynamic library loader has a bug in its implementation
 of unsetenv(). This function does not removes all instances of an
 environment variable. Before running a SUID program, ld.so clears
 some dangerous variables, LD_PRELOAD included. By crafting a special
 environment, an attacker could make this variable slip through this
 inefficient check. If the SUID application calls another program
 without cleaning up the environment, this variable will be honored
 and shared libraries under the attacker's control will be executed,
 most likely giving him/her a root shell.

 2. The other problem in glibc allows an attacker to provide a false
 translation file, one under his control. Format bugs could be used in
 this file to obtain root privilieges if executing a SUID application.
 The problem lies withing the inspection of the many environment
 variables that control internationalization. This inspection does not
 correctly handled things like slashes and ".." and thus allowed an
 attacker to specify alternate locations for the internationalization
 files.


SOLUTION
 All users should upgrade at once. Please note that for a running
 program to use the new library, it has to be restarted. This is not
 needed for the problems reported here, because they would require a
 program to be started with the old library in order for an exploit to
 work. But memory and disk space used by the old library will only be
 fully recovered when the library is no longer used by any program,
 i.e., only after a reboot.


 We would like to thank Jouko Pynn=F6nen for reporting this problem to
 us before making it public.


DIRECT DOWNLOAD LINKS TO THE UPDATED PACKAGES
ftp://atualizacoes.conectiva.com.br/4.0/SRPMS/glibc-2.1.2-13cl.src.rpm
ftp://atualizacoes.conectiva.com.br/4.0/i386/glibc-2.1.2-13cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.0/i386/glibc-devel-2.1.2-13cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.0/i386/glibc-profile-2.1.2-13cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.0/i386/nscd-2.1.2-13cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.0es/SRPMS/glibc-2.1.2-13cl.src.rpm
ftp://atualizacoes.conectiva.com.br/4.0es/i386/glibc-2.1.2-13cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.0es/i386/glibc-devel-2.1.2-13cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.0es/i386/glibc-profile-2.1.2-13cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.0es/i386/nscd-2.1.2-13cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.1/SRPMS/glibc-2.1.2-13cl.src.rpm
ftp://atualizacoes.conectiva.com.br/4.1/i386/glibc-2.1.2-13cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.1/i386/glibc-devel-2.1.2-13cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.1/i386/glibc-profile-2.1.2-13cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.1/i386/nscd-2.1.2-13cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.2/SRPMS/glibc-2.1.2-13cl.src.rpm
ftp://atualizacoes.conectiva.com.br/4.2/i386/glibc-2.1.2-13cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.2/i386/glibc-devel-2.1.2-13cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.2/i386/glibc-profile-2.1.2-13cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.2/i386/nscd-2.1.2-13cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.0/SRPMS/glibc-2.1.3-9cl.src.rpm
ftp://atualizacoes.conectiva.com.br/5.0/i386/glibc-2.1.3-9cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.0/i386/glibc-devel-2.1.3-9cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.0/i386/glibc-profile-2.1.3-9cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.0/i386/nscd-2.1.3-9cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.1/SRPMS/glibc-2.1.3-9cl.src.rpm
ftp://atualizacoes.conectiva.com.br/5.1/i386/glibc-2.1.3-9cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.1/i386/glibc-devel-2.1.3-9cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.1/i386/glibc-profile-2.1.3-9cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.1/i386/nscd-2.1.3-9cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/SRPMS/glibc-2.1.3-9cl.src.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/i386/glibc-2.1.3-9cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/i386/glibc-devel-2.1.3-9cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/i386/glibc-profile-2.1.3-9cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/i386/nscd-2.1.3-9cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/SRPMS/glibc-2.1.3-9cl.src.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/i386/glibc-2.1.3-9cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/i386/glibc-devel-22E1.3-9cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/i386/glibc-profile-2.1.3-9cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/i386/nscd-2.1.3-9cl.i386.rpm


----------------------------------------------------------------------

All packages are signed with Conectiva's GPG key. The key can be
obtained at http://www.conectiva.com.br/contato

----------------------------------------------------------------------
subscribe: atualizacoes-anuncio-subscribe@bazar.conectiva.com.br
unsubscribe: atualizacoes-anuncio-unsubscribe@bazar.conectiva.com.br


Web Webster

Web Webster

Web Webster has more than 20 years of writing and editorial experience in the tech sector. He’s written and edited news, demand generation, user-focused, and thought leadership content for business software solutions, consumer tech, and Linux Today, he edits and writes for a portfolio of tech industry news and analysis websites including webopedia.com, and DatabaseJournal.com.

Linux Today Logo

LinuxToday is a trusted, contributor-driven news resource supporting all types of Linux users. Our thriving international community engages with us through social media and frequent content contributions aimed at solving problems ranging from personal computing to enterprise-level IT operations. LinuxToday serves as a home for a community that struggles to find comparable information elsewhere on the web.

Property of TechnologyAdvice. © 2026 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.