COMMAND
glibc
SYSTEMS AFFECTED
Linux
PROBLEM
ld-linux.so.2, the dynamic linker, maps shared libraries into the
address space of a program that is being started. Its flexibility
allows several environment variables to influence the linking
process, such as preloading additional shared libraries or
defining the paths in which the linker searches for them. Special
care must be exercised when runtime-linking setuid or setgid
binaries.
The runtime-linker must not link against user-specified libraries
since the code therein would then run with the elevated privileges
of the suid binary.
The runtime-linker as shipped in the SuSE distributions ignores
the content of these critical environment variables for such
binaries if the specified library path contains a slash ("/"), or
if the library name is not found in the system library cache
(/etc/ld.so.cache, built from the directories listed in
/etc/ld.so.conf). Only libraries that are already trusted as
system libraries can therefore be preloaded into a setuid process.
However, Solar Designer has found that even preloading glibc's own
shared libraries can be dangerous: the code in the preloaded
library is not aware that the binary runs with setuid or setgid
privileges and still honours its environment. Using debugging
features of glibc (and possibly other features) a local attacker
can make such a library create or overwrite arbitrary files with
the elevated privileges of the setuid/setgid binary. This may lead
to a local root compromise.
The upcoming SuSE-7.1 distribution is based on glibc-2.2 and is not
affected by the glibc problems discussed in security forums.
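The two policies involved, the linker-side filter on LD_PRELOAD entries and the privilege check a preloadable library must itself perform before acting on its environment, modelled in C. This is an added example, not glibc code and not part of the advisory; the library names, the trusted-cache list and the EXAMPLE_DEBUG_OUTPUT variable are constructed for illustration. Note how the linker rule alone leaves the gap the advisory describes: a cached system library passes the filter, so whether an attacker-chosen file name reaches fopen() depends entirely on the library checking the privilege state itself.

```c
/* Added example, not glibc or advisory code: models (1) the LD_PRELOAD
 * filter a dynamic linker applies to set-uid programs and (2) the check a
 * preloaded library must itself make before acting on its environment.
 * Library names, the trusted-cache list and EXAMPLE_DEBUG_OUTPUT are
 * constructed for illustration. */
#define _GNU_SOURCE
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#ifdef __linux__
#include <sys/auxv.h>        /* getauxval(AT_SECURE): the kernel's verdict */
#endif

/* Stand-in for /etc/ld.so.cache: names the linker treats as system libs. */
static const char *const trusted_cache[] = {
    "libc.so.6", "libm.so.6", "libdebughelper.so" /* hypothetical */, NULL
};

static int in_trusted_cache(const char *name)
{
    for (const char *const *p = trusted_cache; *p; p++)
        if (strcmp(*p, name) == 0)
            return 1;
    return 0;
}

/* Linker-side rule described in the advisory: in a set-uid process an
 * LD_PRELOAD entry is honoured only if it has no slash and is in the cache.
 * The gap: a cached system library is still loaded, so safety now rests
 * entirely on that library's own behaviour. */
int preload_entry_allowed(const char *entry, int secure)
{
    if (!secure)
        return 1;                      /* ordinary process: anything goes */
    if (strchr(entry, '/') != NULL)
        return 0;                      /* explicit path: refused */
    return in_trusted_cache(entry);    /* only cached names survive */
}

/* Library-side check. Returns 1 when the process gained privileges via
 * set-uid/set-gid (or the kernel flagged it AT_SECURE) and must therefore
 * not trust its environment. */
int running_privileged(void)
{
    if (getuid() != geteuid() || getgid() != getegid())
        return 1;
#ifdef __linux__
    if (getauxval(AT_SECURE))
        return 1;
#endif
    return 0;
}

/* Decide whether an output path taken from the environment may be used.
 * The privilege state is a parameter so the policy can be exercised
 * without a real set-uid binary. Returns 1 and copies the path when it is
 * acceptable. The vulnerable pattern the advisory describes is this same
 * function without the 'privileged' test. */
int env_output_path(const char *env_value, int privileged,
                    char *out, size_t outlen)
{
    if (env_value == NULL || *env_value == '\0')
        return 0;
    if (privileged)
        return 0;                      /* attacker would choose the file */
    if (strlen(env_value) >= outlen)
        return 0;
    strcpy(out, env_value);
    return 1;
}

/* What a debugging hook in a preloadable library should do at startup:
 * consult the environment only after checking the privilege state. */
FILE *open_debug_output(void)
{
    char path[4096];
    if (!env_output_path(getenv("EXAMPLE_DEBUG_OUTPUT"), running_privileged(),
                         path, sizeof path))
        return NULL;                   /* stay silent rather than write as root */
    return fopen(path, "w");
}

int main(void)
{
    const char *tries[] = { "/tmp/evil.so", "libevil.so", "libdebughelper.so" };
    for (size_t i = 0; i < 3; i++)
        printf("LD_PRELOAD=%-20s in set-uid process: %s\n", tries[i],
               preload_entry_allowed(tries[i], 1) ? "loaded" : "ignored");
    printf("this process is privileged: %d\n", running_privileged());
    FILE *f = open_debug_output();
    if (f)
        fclose(f);
    return 0;
}
```

Compiled as a normal program this prints which of the three constructed LD_PRELOAD entries would survive the set-uid filter; the same functions, built into a preloadable library, give that library the privilege check the advisory says the glibc helper libraries lacked.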
SOLUTION
For SuSE Linux:
ftp://ftp.suse.com/pub/suse/i386/update/7.0/a1/shlibs-2.1.3-190.i386.rpm
ftp://ftp.suse.com/pub/suse/i386/update/7.0/zq1/libc-2.1.3-190.src.rpm
ftp://ftp.suse.com/pub/suse/i386/update/6.4/a1/shlibs-2.1.3-155.i386.rpm
ftp://ftp.suse.com/pub/suse/i386/update/6.4/zq1/libc-2.1.3-155.src.rpm
ftp://ftp.suse.com/pub/suse/i386/update/6.3/a1/shlibs-2.1.2-48.i386.rpm
ftp://ftp.suse.com/pub/suse/i386/update/6.3/zq1/libc-2.1.2-48.src.rpm
ftp://ftp.suse.com/pub/suse/i386/update/6.2/a1/shlibs-2.1.1-30.i386.rpm
ftp://ftp.suse.com/pub/suse/i386/update/6.2/zq1/libc-2.1.1-30.src.rpm
ftp://ftp.suse.com/pub/suse/sparc/update/7.0/a1/shlibs-2.1.3-155.sparc.rpm
ftp://ftp.suse.com/pub/suse/sparc/update/7.0/zq1/libc-2.1.3-155.src.rpm
ftp://ftp.suse.com/pub/suse/axp/update/7.0/a1/shlibs-2.1.3-155.alpha.rpm
ftp://ftp.suse.com/pub/suse/axp/update/7.0/zq1/libc-2.1.3-155.src.rpm
ftp://ftp.suse.com/pub/suse/axp/update/6.4/a1/shlibs-2.1.3-155.alpha.rpm
ftp://ftp.suse.com/pub/suse/axp/update/6.4/zq1/libc-2.1.3-155.src.rpm
ftp://ftp.suse.com/pub/suse/axp/update/6.3/a1/shlibs-2.1.2-48.alpha.rpm
ftp://ftp.suse.com/pub/suse/axp/update/6.3/zq1/libc-2.1.2-48.src.rpm
ftp://ftp.suse.com/pub/suse/axp/update/6.1/a1/shlibs-2001.1.17-0.alpha.rpm
ftp://ftp.suse.com/pub/suse/axp/update/6.1/zq1/libc-2000.9.5-0.src.rpm
ftp://ftp.suse.com/pub/suse/ppc/update/7.0/a1/shlibs-2.1.3-173.ppc.rpm
ftp://ftp.suse.com/pub/suse/ppc/update/7.0/zq1/libc-2.1.3-173.src.rpm
ftp://ftp.suse.com/pub/suse/ppc/update/6.4/a1/shlibs-2.1.3-190.ppc.rpm
ftp://ftp.suse.com/pub/suse/ppc/update/6.4/zq1/libc-2.1.3-190.src.rpm
For Conectiva Linux:
ftp://atualizacoes.conectiva.com.br/4.0/SRPMS/glibc-2.1.2-15cl.src.rpm
ftp://atualizacoes.conectiva.com.br/4.0/i386/glibc-devel-2.1.2-15cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.0/i386/glibc-profile-2.1.2-15cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.0/i386/glibc-2.1.2-15cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.0/i386/nscd-2.1.2-15cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.0es/SRPMS/glibc-2.1.2-15cl.src.rpm
ftp://atualizacoes.conectiva.com.br/4.0es/i386/glibc-2.1.2-15cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.0es/i386/glibc-devel-2.1.2-15cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.0es/i386/glibc-profile-2.1.2-15cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.0es/i386/nscd-2.1.2-15cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.1/SRPMS/glibc-2.1.2-15cl.src.rpm
ftp://atualizacoes.conectiva.com.br/4.1/i386/glibc-devel-2.1.2-15cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.1/i386/glibc-profile-2.1.2-15cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.1/i386/glibc-2.1.2-15cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.1/i386/nscd-2.1.2-15cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.2/SRPMS/glibc-2.1.2-15cl.src.rpm
ftp://atualizacoes.conectiva.com.br/4.2/i386/glibc-devel-2.1.2-15cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.2/i386/glibc-profile-2.1.2-15cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.2/i386/glibc-2.1.2-15cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.2/i386/nscd-2.1.2-15cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.0/SRPMS/glibc-2.1.3-25cl.src.rpm
ftp://atualizacoes.conectiva.com.br/5.0/i386/nscd-2.1.3-25cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.0/i386/i18ndata-2.1.3-25cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.0/i386/glibc-devel-2.1.3-25cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.0/i386/glibc-2.1.3-25cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.0/i386/glibc-doc-2.1.3-25cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.0/i386/glibc-devel-static-2.1.3-25cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.0/i386/glibc-profile-2.1.3-25cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.1/SRPMS/glibc-2.1.3-25cl.src.rpm
ftp://atualizacoes.conectiva.com.br/5.1/i386/i18ndata-2.1.3-25cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.1/i386/nscd-2.1.3-25cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.1/i386/glibc-devel-2.1.3-25cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.1/i386/glibc-2.1.3-25cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.1/i386/glibc-doc-2.1.3-25cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.1/i386/glibc-devel-static-2.1.3-25cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.1/i386/glibc-profile-2.1.3-25cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/6.0/SRPMS/glibc-2.1.3-25cl.src.rpm
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/i18ndata-2.1.3-25cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/glibc-devel-2.1.3-25cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/glibc-2.1.3-25cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/glibc-doc-2.1.3-25cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/nscd-2.1.3-25cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/glibc-devel-static-2.1.3-25cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/glibc-profile-2.1.3-25cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/SRPMS/glibc-2.1.3-25cl.src.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/i386/glibc-2.1.3-25cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/i386/glibc-devel-2.1.3-25cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/i386/glibc-devel-static-2.1.3-25cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/i386/nscd-2.1.3-25cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/i386/glibc-doc-2.1.3-25cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/i386/glibc-profile-2.1.3-25cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/i386/i18ndata-2.1.3-25cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/SRPMS/glibc-2.1.3-25cl.src.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/i386/glibc-2.1.3-25cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/i386/glibc-devel-2.1.3-25cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/i386/glibc-devel-static-2.1.3-25cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/i386/nscd-2.1.3-25cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/i386/glibc-doc-2.1.3-25cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/i386/glibc-profile-2.1.3-25cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/i386/i18ndata-2.1.3-25cl.i386.rpm
For TurboLinux:
ftp://ftp.turbolinux.com/pub/updates/6.0/security/glibc-2.1.3-27.i386.rpm
ftp://ftp.turbolinux.com/pub/updates/6.0/security/glibc-devel-2.1.3-27.i386.rpm
ftp://ftp.turbolinux.com/pub/updates/6.0/security/glibc-profile-2.1.3-27.i386.rpm
ftp://ftp.turbolinux.com/pub/updates/6.0/SRPMS/glibc-2.1.3-27.src.rpm
For Debian:
http://security.debian.org/dists/stable/updates/main/source/glibc_2.1.3-17.diff.gz
http://security.debian.org/dists/stable/updates/main/source/glibc_2.1.3-17.dsc
http://security.debian.org/dists/stable/updates/main/source/glibc_2.1.3.orig.tar.gz
http://security.debian.org/dists/stable/updates/main/binary-all/glibc-doc_2.1.3-17_all.deb
http://security.debian.org/dists/stable/updates/main/binary-all/i18ndata_2.1.3-17_all.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/libc6.1-dbg_2.1.3-17_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/libc6.1-dev_2.1.3-17_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/libc6.1-pic_2.1.3-17_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/libc6.1-prof_2.1.3-17_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/libc6.1_2.1.3-17_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/libnss1-compat_2.1.3-17_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/locales_2.1.3-17_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/nscd_2.1.3-17_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/libc6-dbg_2.1.3-17_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/libc6-dev_2.1.3-17_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/libc6-pic_2.1.3-17_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/libc6-prof_2.1.3-17_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/libc6_2.1.3-17_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/locales_2.1.3-17_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/nscd_2.1.3-17_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/libc6-dbg_2.1.3-17_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/libc6-dev_2.1.3-17_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/libc6-pic_2.1.3-17_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/libc6-prof_2.1.3-17_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/libc6_2.1.3-17_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/libnss1-compat_2.1.3-17_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/locales_2.1.3-17_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/nscd_2.1.3-17_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-m68k/libc6-dbg_2.1.3-17_m68k.deb
http://security.debian.org/dists/stable/updates/main/binary-m68k/libc6-dev_2.1.3-17_m68k.deb
http://security.debian.org/dists/stable/updates/main/binary-m68k/libc6-pic_2.1.3-17_m68k.deb
http://security.debian.org/dists/stable/updates/main/binary-m68k/libc6-prof_2.1.3-17_m68k.deb
http://security.debian.org/dists/stable/updates/main/binary-m68k/libc6_2.1.3-17_m68k.deb
http://security.debian.org/dists/stable/updates/main/binary-m68k/libnss1-compat_2.1.3-17_m68k.deb
http://security.debian.org/dists/stable/updates/main/binary-m68k/locales_2.1.3-17_m68k.deb
http://security.debian.org/dists/stable/updates/main/binary-m68k/nscd_2.1.3-17_m68k.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/libc6-dbg_2.1.3-17_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/libc6-dev_2.1.3-17_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/libc6-pic_2.1.3-17_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/libc6-prof_2.1.3-17_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/libc6_2.1.3-17_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/locales_2.1.3-17_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/nscd_2.1.3-17_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/libc6-dbg_2.1.3-17_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/libc6-dev_2.1.3-17_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/libc6-pic_2.1.3-17_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/libc6-prof_2.1.3-17_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/libc6_2.1.3-17_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/locales_2.1.3-17_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/nscd_2.1.3-17_sparc.deb