Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:29246
HistoryApr 09, 2013 - 12:00 a.m.

[ MDVSA-2013:043 ] libgssglue

2013-04-0900:00:00
vulners.com
6
JSON

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Mandriva Linux Security Advisory MDVSA-2013:043
http://www.mandriva.com/en/support/security/

Package : libgssglue
Date : April 5, 2013
Affected: Business Server 1.0

Problem Description:

This update fixes insecure getenv() usage in libgssglue, which could
be used under some circumstances by local attackers do gain root
privileges (CVE-2011-2709).

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2709
https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0159

Updated Packages:

Mandriva Business Server 1/X86_64:
a5cc4da52d5ac3532b29f528609ab4b7 mbs1/x86_64/lib64gssglue1-0.4-1.mbs1.x86_64.rpm
af0281d9fa8cdb30634c9442ef414b26 mbs1/x86_64/lib64gssglue-devel-0.4-1.mbs1.x86_64.rpm
4d42b6a08664100814ec344bca919ac4 mbs1/SRPMS/libgssglue-0.4-1.mbs1.src.rpm

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/en/support/security/advisories/

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iD8DBQFRXrBpmqjQ0CJFipgRAu8TAJ9+H22W1UsNzsP8MFlmBNQYWH4AFQCbBpkS
uQJ2c3Eb1rxVi9MeG/RORfY=
=YMhI
-----END PGP SIGNATURE-----

Related

nessus 5
openvas 8
debiancve 1
fedora 2
ubuntu 1
gentoo 1
prion 1
securityvulns 1
cve 1
ubuntucve 1
nessus
nessus
GLSA-201209-22 : libgssglue: Privilege escalation
2012-09-28 00:00:00
Fedora 17 : libgssglue-0.4-0.fc17 (2012-7971)
2012-06-18 00:00:00
Ubuntu 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : libgssglue vulnerability (USN-1612-1)
2012-10-16 00:00:00
openvas
openvas
Ubuntu Update for libgssglue USN-1612-1
2012-10-16 00:00:00
Gentoo Security Advisory GLSA 201209-22 (libgssglue)
2012-10-03 00:00:00
Fedora Update for libgssglue FEDORA-2012-7971
2012-08-30 00:00:00
debiancve
debiancve
CVE-2011-2709
2012-06-21 15:55:00
fedora
fedora
[SECURITY] Fedora 17 Update: libgssglue-0.4-0.fc17
2012-06-15 12:29:38
[SECURITY] Fedora 16 Update: libgssglue-0.4-0.fc16
2012-06-10 01:35:04
ubuntu
ubuntu
libgssglue vulnerability
2012-10-15 00:00:00
gentoo
gentoo
libgssglue: Privilege escalation
2012-09-28 00:00:00
prion
prion
Code injection
2012-06-21 15:55:00
securityvulns
securityvulns
libgssapi / libgssglue privilege escalation
2013-04-09 00:00:00
cve
cve
CVE-2011-2709
2012-06-21 15:55:00
ubuntucve
ubuntucve
CVE-2011-2709
2012-06-21 00:00:00
JSON
Related for SECURITYVULNS:DOC:29246
nessus5openvas8debiancve1fedora2ubuntu1gentoo1prion1securityvulns1cve1ubuntucve1