COMMAND

    glibc

SYSTEMS AFFECTED

    glibc 2.0.x and LC_ALL, noexec

PROBLEM

    Michal  Zalewski   found  following.    First  of   all  -   doing
    /lib/ld-linux.so.2 /program/on/noexec/partition  is the  simpliest
    way  to  bypass  noexec  option,  if  only  you  have glibc 2.0.x.
    Nothing to say, security by obscurity stinks.

    Clean glibc  2.0.x, as  distributed in  .tar.gz, are  vunerable to
    rather seriuos problem with  LC_ALL containing '../' tricks  (just
    like  in  telnetd  and  TERM  case).   In  fact,  in  some   Linux
    distributions, it has been silently fixed, while people  upgrading
    glibc to eg. 2.0.7 'from  scratch' are not aware of  this problem,
    and  many  sites  are  vunerable.   Using  prepared directory with
    locale specifications, including glibc error messages used eg.  by
    perror(), luser will be able  to for example read setuid  programs
    memory, etc.

SOLUTION

    Upgrade.