Users of GNU C Library please be advised of multiple vulnerabilities that has been identified.
To view this vulnerability, possible remedies, and others please check out the Security Advisories at Critical Watch (http://criticalwatch.com/support/security-advisories.aspx)
Amplify’d from www.criticalwatch.com
USN-1009-1: [USN-1009-1] GNU C Library vulnerabilities
Details follow:
Tavis Ormandy discovered multiple flaws in the GNU C Library's handling
of the LD_AUDIT environment variable when running a privileged binary. A
local attacker could exploit this to gain root privileges. (CVE-2010-3847,
CVE-2010-3856)Read more at www.criticalwatch.com
See this Amp at http://amplify.com/u/e3gd
No comments:
Post a Comment