BID:2223

glibc LD_PRELOAD File Overwriting Vulnerability

Info

glibc LD_PRELOAD File Overwriting Vulnerability

Bugtraq ID:	2223
Class:	Input Validation Error
CVE:
Remote:	No
Local:	Yes
Published:	Jan 16 2001 12:00AM
Updated:	Jan 16 2001 12:00AM
Credit:	This vulnerability was announced in a Red Hat Security Advisory posted to Bugtraq on January 16, 2001.
Vulnerable:	Turbolinux Turbolinux 6.1 Turbolinux Turbolinux 6.0.5 Trustix Secure Linux 1.2 Trustix Secure Linux 1.1 Redhat nscd-2.1.3-15.i386.rpm + Redhat Linux 6.2 Redhat nscd-2.1.2-11.i386.rpm + Redhat Linux 6.1 Redhat nscd-2.1.1-6.i386.rpm + Redhat Linux 6.0 Redhat Linux 6.2 sparc Redhat Linux 6.2 i386 Redhat Linux 6.2 alpha Redhat Linux 6.1 sparc Redhat Linux 6.1 i386 Redhat Linux 6.1 alpha Redhat Linux 6.0 sparc Redhat Linux 6.0 alpha Redhat Linux 6.0 Redhat glibc-profile-2.1.3-15.i386.rpm + Redhat Linux 6.2 Redhat glibc-profile-2.1.2-11.i386.rpm + Redhat Linux 6.1 Redhat glibc-profile-2.1.1-6.i386.rpm + Redhat Linux 6.0 Redhat glibc-devel-2.1.3-15.i386.rpm + Redhat Linux 6.2 Redhat glibc-devel-2.1.2-11.i386.rpm + Redhat Linux 6.1 Redhat glibc-devel-2.1.1-6.i386.rpm + Redhat Linux 6.0 Redhat glibc-2.1.3-15.i386.rpm + Redhat Linux 6.2 Redhat glibc-2.1.2-11.i386.rpm + Redhat Linux 6.1 Redhat glibc-2.1.1-6.i386.rpm + Redhat Linux 6.0 Mandriva Linux Mandrake 7.2 Mandriva Linux Mandrake 7.1 Mandriva Linux Mandrake 7.0 Mandriva Linux Mandrake 6.1 Mandriva Linux Mandrake 6.0 MandrakeSoft Corporate Server 1.0.1 Debian Linux 2.2 sparc Debian Linux 2.2 powerpc Debian Linux 2.2 arm Debian Linux 2.2 alpha Debian Linux 2.2 68k Debian Linux 2.2

Not Vulnerable:

Discussion

glibc LD_PRELOAD File Overwriting Vulnerability

glibc is the GNU C Library, a freely available, open source C library maintained by public domain, and distributed by the Free Software Foundation. It is included in most current Linux distributions.

A problem with the library could allow access to write or overwrite restricted files. Upon execution of SUID and SGID applications, the library allows a user to preload libraries in the environment variable LD_PRELOAD providing the variable does not contain forward slashes. A special check is also performed to ensure the library being preloaded is SUID. However, if the library is found in the /etc/ld.so.cache file, this check is circumvented, and never performed. It is therefore possible to load a library from /lib or /usr/lib prior to the execution of a SUID or SGID program. This flaw makes it possible for a user with malicious motives to create files in restricted locations, or overwrite files outside of the access of this user, including system files.

Exploit / POC

glibc LD_PRELOAD File Overwriting Vulnerability

Currently the SecurityFocus staff are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].

Solution / Fix

glibc LD_PRELOAD File Overwriting Vulnerability

Solution:
Upgrades available:

Redhat glibc-2.1.3-15.i386.rpm

Red Hat Inc. 6.2 i386 glibc-2.1.3-22.i386.rpm
ftp://updates.redhat.com/6.2/i386/glibc-2.1.3-22.i386.rpm

Redhat glibc-devel-2.1.2-11.i386.rpm

Red Hat Inc. 6.1 i386 glibc-devel-2.1.3-22.i386.rpm
ftp://updates.redhat.com/6.1/i386/glibc-devel-2.1.3-22.i386.rpm

Redhat nscd-2.1.2-11.i386.rpm

Red Hat Inc. 6.1 i386 nscd-2.1.3-22.i386.rpm
ftp://updates.redhat.com/6.1/i386/nscd-2.1.3-22.i386.rpm

Redhat glibc-devel-2.1.3-15.i386.rpm

Red Hat Inc. 6.2 i386 glibc-devel-2.1.3-22.i386.rpm
ftp://updates.redhat.com/6.2/i386/glibc-devel-2.1.3-22.i386.rpm

Redhat glibc-profile-2.1.1-6.i386.rpm

Red Hat Inc. 6.0 i386 glibc-profile-2.1.3-22.i386.rpm
ftp://updates.redhat.com/6.0/i386/glibc-profile-2.1.3-22.i386.rpm

Redhat glibc-2.1.1-6.i386.rpm

Red Hat Inc. 6.0 i386 glibc-2.1.3-22.i386.rpm
ftp://updates.redhat.com/6.0/i386/glibc-2.1.3-22.i386.rpm

Redhat glibc-profile-2.1.3-15.i386.rpm

Red Hat Inc. 6.2 i386 glibc-profile-2.1.3-22.i386.rpm
ftp://updates.redhat.com/6.2/i386/glibc-profile-2.1.3-22.i386.rpm

Redhat nscd-2.1.3-15.i386.rpm

Red Hat Inc. 6.2 i386 nscd-2.1.3-22.i386.rpm
ftp://updates.redhat.com/6.2/i386/nscd-2.1.3-22.i386.rpm

Redhat glibc-devel-2.1.1-6.i386.rpm

Red Hat Inc. 6.0 i386 glibc-devel-2.1.3-22.i386.rpm
ftp://updates.redhat.com/6.0/i386/glibc-devel-2.1.3-22.i386.rpm

Redhat nscd-2.1.1-6.i386.rpm

Red Hat Inc. 6.0 i386 nscd-2.1.3-22.i386.rpm
ftp://updates.redhat.com/6.0/i386/nscd-2.1.3-22.i386.rpm

Redhat glibc-2.1.2-11.i386.rpm

Red Hat Inc. 6.1 i386 glibc-2.1.3-22.i386.rpm
ftp://updates.redhat.com/6.1/i386/glibc-2.1.3-22.i386.rpm

Redhat glibc-profile-2.1.2-11.i386.rpm

Red Hat Inc. 6.1 i386 glibc-profile-2.1.3-22.i386.rpm
ftp://updates.redhat.com/6.1/i386/glibc-profile-2.1.3-22.i386.rpm

MandrakeSoft Corporate Server 1.0.1

MandrakeSoft 1.0.1 i386 glibc-2.1.3-18.1mdk.i586.rpm
http://sunsite.ualberta.ca/pub/Mirror/Linux/mandrake/updates/1.0.1/RPM S/glibc-2.1.3-18.1mdk.i586.rpm

MandrakeSoft 1.0.1 i386 glibc-devel-2.1.3-18.1mdk.i586.rpm
http://sunsite.ualberta.ca/pub/Mirror/Linux/mandrake/updates/1.0.1/RPM S/glibc-devel-2.1.3-18.1mdk.i586.rpm

MandrakeSoft 1.0.1 i386 glibc-profile-2.1.3-18.1mdk.i586.rpm
http://sunsite.ualberta.ca/pub/Mirror/Linux/mandrake/updates/1.0.1/RPM S/glibc-profile-2.1.3-18.1mdk.i586.rpm

Trustix Secure Linux 1.1

Trustix 1.1 i386 glibc-devel-2.1.3-14tr.i586.rpm
ftp://ftp.trustix.net/pub/Trustix/updates/1.1/RPMS/

Trustix 1.1 i386 glibc-profile-2.1.3-14tr.i586.rpm
ftp://ftp.trustix.net/pub/Trustix/updates/1.1/RPMS/glibc-profile-2.1.3 -14tr.i586.rpm

Trustix 1.1 i386 nscd-2.1.3-14tr.i586.rpm
ftp://ftp.trustix.net/pub/Trustix/updates/1.1/RPMS/nscd-2.1.3-14tr.i58 6.rpm

Trustix Secure Linux 1.2

Trustix 1.2 i386 glibc-2.1.3-14tr.i586.rpm
ftp://ftp.trustix.net/pub/Trustix/updates/1.2/RPMS/glibc-2.1.3-14tr.i5 86.rpm

Trustix 1.2 i386 glibc-devel-2.1.3-14tr.i586.rpm
ftp://ftp.trustix.net/pub/Trustix/updates/1.2/RPMS/glibc-devel-2.1.3-1 4tr.i586.rpm

Trustix 1.2 i386 glibc-profile-2.1.3-14tr.i586.rpm
ftp://ftp.trustix.net/pub/Trustix/updates/1.2/RPMS/glibc-profile-2.1.3 -14tr.i586.rpm

Trustix 1.2 i386 nscd-2.1.3-14tr.i586.rpm
ftp://ftp.trustix.net/pub/Trustix/updates/1.2/RPMS/nscd-2.1.3-14tr.i58 6.rpm

Debian Linux 2.2 powerpc

Debian 2.2 ppc libc6-dbg_2.1.3-17_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/li bc6-dbg_2.1.3-17_powerpc.deb

Debian 2.2 ppc libc6-dev_2.1.3-17_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/li bc6-dev_2.1.3-17_powerpc.deb

Debian 2.2 ppc libc6-pic_2.1.3-17_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/li bc6-pic_2.1.3-17_powerpc.deb

Debian 2.2 ppc libc6-prof_2.1.3-17_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/li bc6-prof_2.1.3-17_powerpc.deb

Debian 2.2 ppc libc6_2.1.3-17_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/li bc6_2.1.3-17_powerpc.deb

Debian 2.2 ppc locales_2.1.3-17_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/lo cales_2.1.3-17_powerpc.deb

Debian 2.2 ppc nscd_2.1.3-17_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/ns cd_2.1.3-17_powerpc.deb

Debian Linux 2.2

Debian 2.2 i386 libc6-dbg_2.1.3-17_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/libc6 -dbg_2.1.3-17_i386.deb

Debian 2.2 i386 libc6-dev_2.1.3-17_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/libc6 -dev_2.1.3-17_i386.deb

Debian 2.2 i386 libc6-pic_2.1.3-17_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/libc6 -pic_2.1.3-17_i386.deb

Debian 2.2 i386 libc6-prof_2.1.3-17_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/libc6 -prof_2.1.3-17_i386.deb

Debian 2.2 i386 libc6_2.1.3-17_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/libc6 _2.1.3-17_i386.deb

Debian 2.2 i386 libnss1-compat_2.1.3-17_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/libns s1-compat_2.1.3-17_i386.deb

Debian 2.2 i386 locales_2.1.3-17_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/local es_2.1.3-17_i386.deb

Debian 2.2 i386 nscd_2.1.3-17_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/nscd_ 2.1.3-17_i386.deb

Debian Linux 2.2 arm

Debian 2.2 arm libc6-dbg_2.1.3-17_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/libc6- dbg_2.1.3-17_arm.deb

Debian 2.2 arm libc6-dev_2.1.3-17_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/libc6- dev_2.1.3-17_arm.deb

Debian 2.2 arm libc6-pic_2.1.3-17_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/libc6- pic_2.1.3-17_arm.deb

Debian 2.2 arm libc6-prof_2.1.3-17_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/libc6- prof_2.1.3-17_arm.deb

Debian 2.2 arm libc6_2.1.3-17_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/libc6_ 2.1.3-17_arm.deb

Debian 2.2 arm locales_2.1.3-17_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/locale s_2.1.3-17_arm.deb

Debian 2.2 arm nscd_2.1.3-17_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/nscd_2 .1.3-17_arm.deb

Debian Linux 2.2 alpha

Debian 2.2 alpha libc6.1-dbg_2.1.3-17_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/libc 6.1-dbg_2.1.3-17_alpha.deb

Debian 2.2 alpha libc6.1-dev_2.1.3-17_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/libc 6.1-dev_2.1.3-17_alpha.deb

Debian 2.2 alpha libc6.1-pic_2.1.3-17_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/libc 6.1-pic_2.1.3-17_alpha.deb

Debian 2.2 alpha libc6.1-prof_2.1.3-17_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/libc 6.1-prof_2.1.3-17_alpha.deb

Debian 2.2 alpha libc6.1_2.1.3-17_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/libc 6.1_2.1.3-17_alpha.deb

Debian 2.2 alpha libnss1-compat_2.1.3-17_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/libn ss1-compat_2.1.3-17_alpha.deb

Debian 2.2 alpha locales_2.1.3-17_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/loca les_2.1.3-17_alpha.deb

Debian 2.2 alpha nscd_2.1.3-17_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-alpha/nscd _2.1.3-17_alpha.deb

Debian Linux 2.2 sparc

Debian 2.2 sparc libc6-dbg_2.1.3-17_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/libc 6-dbg_2.1.3-17_sparc.deb

Debian 2.2 sparc libc6-dev_2.1.3-17_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/libc 6-dev_2.1.3-17_sparc.deb

Debian 2.2 sparc libc6-pic_2.1.3-17_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/libc 6-pic_2.1.3-17_sparc.deb

Debian 2.2 sparc libc6-prof_2.1.3-17_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/libc 6-prof_2.1.3-17_sparc.deb

Debian 2.2 sparc libc6_2.1.3-17_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/libc 6_2.1.3-17_sparc.deb

Debian 2.2 sparc locales_2.1.3-17_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/loca les_2.1.3-17_sparc.deb

Debian 2.2 sparc nscd_2.1.3-17_sparc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/nscd _2.1.3-17_sparc.deb

Debian Linux 2.2 68k

Debian 2.2 m68k libc6-dbg_2.1.3-17_m68k.deb
http://security.debian.org/dists/stable/updates/main/binary-m68k/libc6 -dbg_2.1.3-17_m68k.deb

Debian 2.2 m68k libc6-dev_2.1.3-17_m68k.deb
http://security.debian.org/dists/stable/updates/main/binary-m68k/libc6 -dev_2.1.3-17_m68k.deb

Debian 2.2 m68k libc6-pic_2.1.3-17_m68k.deb
http://security.debian.org/dists/stable/updates/main/binary-m68k/libc6 -pic_2.1.3-17_m68k.deb

Debian 2.2 m68k libc6-prof_2.1.3-17_m68k.deb
http://security.debian.org/dists/stable/updates/main/binary-m68k/libc6 -prof_2.1.3-17_m68k.deb

Debian 2.2 m68k libc6_2.1.3-17_m68k.deb
http://security.debian.org/dists/stable/updates/main/binary-m68k/libc6 _2.1.3-17_m68k.deb

Debian 2.2 m68k libnss1-compat_2.1.3-17_m68k.deb
http://security.debian.org/dists/stable/updates/main/binary-m68k/libns s1-compat_2.1.3-17_m68k.deb

Debian 2.2 m68k nscd_2.1.3-17_m68k.deb
http://security.debian.org/dists/stable/updates/main/binary-m68k/nscd_ 2.1.3-17_m68k.deb

Redhat Linux 6.0 alpha

Red Hat Inc. 6.0 alpha glibc-2.1.3-22.alpha.rpm
ftp://updates.redhat.com/6.0/alpha/glibc-2.1.3-22.alpha.rpm

Red Hat Inc. 6.0 alpha glibc-devel-2.1.3-22.alpha.rpm
ftp://updates.redhat.com/6.0/alpha/glibc-devel-2.1.3-22.alpha.rpm

Red Hat Inc. 6.0 alpha glibc-profile-2.1.3-22.alpha.rpm
ftp://updates.redhat.com/6.0/alpha/glibc-profile-2.1.3-22.alpha.rpm

Red Hat Inc. 6.0 alpha nscd-2.1.3-22.alpha.rpm
ftp://updates.redhat.com/6.0/alpha/nscd-2.1.3-22.alpha.rpm

Redhat Linux 6.0

Red Hat Inc. 6.0 i386 glibc-2.1.3-22.i386.rpm
ftp://updates.redhat.com/6.0/i386/glibc-2.1.3-22.i386.rpm

Red Hat Inc. 6.0 i386 glibc-devel-2.1.3-22.i386.rpm
ftp://updates.redhat.com/6.0/i386/glibc-devel-2.1.3-22.i386.rpm

Red Hat Inc. 6.0 i386 glibc-profile-2.1.3-22.i386.rpm
ftp://updates.redhat.com/6.0/i386/glibc-profile-2.1.3-22.i386.rpm

Red Hat Inc. 6.0 i386 nscd-2.1.3-22.i386.rpm
ftp://updates.redhat.com/6.0/i386/nscd-2.1.3-22.i386.rpm

Mandriva Linux Mandrake 6.0

MandrakeSoft 6.0 i386 glibc-2.1.3-18.2mdk.i586.rpm
http://sunsite.ualberta.ca/pub/Mirror/Linux/mandrake/updates/6.0/RPMS/ glibc-2.1.3-18.2mdk.i586.rpm

MandrakeSoft 6.0 i386 glibc-devel-2.1.3-18.2mdk.i586.rpm
http://sunsite.ualberta.ca/pub/Mirror/Linux/mandrake/updates/6.0/RPMS/ glibc-devel-2.1.3-18.2mdk.i586.rpm

MandrakeSoft 6.0 i386 glibc-profile-2.1.3-18.2mdk.i586.rpm
http://sunsite.ualberta.ca/pub/Mirror/Linux/mandrake/updates/6.0/RPMS/ glibc-profile-2.1.3-18.2mdk.i586.rpm

Redhat Linux 6.0 sparc

Red Hat Inc. 6.0 sparc glibc-2.1.3-22.sparc.rpm
ftp://updates.redhat.com/6.0/sparc/glibc-2.1.3-22.sparc.rpm

Red Hat Inc. 6.0 sparc glibc-devel-2.1.3-22.sparc.rpm
ftp://updates.redhat.com/6.0/sparc/glibc-devel-2.1.3-22.sparc.rpm

Red Hat Inc. 6.0 sparc glibc-profile-2.1.3-22.sparc.rpm
ftp://updates.redhat.com/6.0/sparc/glibc-profile-2.1.3-22.sparc.rpm

Red Hat Inc. 6.0 sparc nscd-2.1.3-22.sparc.rpm
ftp://updates.redhat.com/6.0/sparc/nscd-2.1.3-22.sparc.rpm

Red Hat Inc. 6.0 sparcv9 glibc-2.1.3-22.sparcv9.rpm
ftp://updates.redhat.com/6.0/sparcv9/glibc-2.1.3-22.sparcv9.rpm

Turbolinux Turbolinux 6.0.5

TurboLinux 6.0 i386 glibc-2.1.3-27.i386.rpm
ftp://ftp.turbolinux.com/pub/updates/6.0/security/glibc-2.1.3-27.i386. rpm

TurboLinux 6.0 i386 glibc-devel-2.1.3-27.i386.rpm
ftp://ftp.turbolinux.com/pub/updates/6.0/security/glibc-devel-2.1.3-27 .i386.rpm

TurboLinux 6.0 i386 glibc-profile-2.1.3-27.i386.rpm
ftp://ftp.turbolinux.com/pub/updates/6.0/security/glibc-profile-2.1.3- 27.i386.rpm

Redhat Linux 6.1 sparc

Red Hat Inc. 6.1 sparc glibc-2.1.3-22.sparc.rpm
ftp://updates.redhat.com/6.1/sparc/glibc-2.1.3-22.sparc.rpm

Red Hat Inc. 6.1 sparc glibc-devel-2.1.3-22.sparc.rpm
ftp://updates.redhat.com/6.1/sparc/glibc-devel-2.1.3-22.sparc.rpm

Red Hat Inc. 6.1 sparc glibc-profile-2.1.3-22.sparc.rpm
ftp://updates.redhat.com/6.1/sparc/glibc-profile-2.1.3-22.sparc.rpm

Red Hat Inc. 6.1 sparc nscd-2.1.3-22.sparc.rpm
ftp://updates.redhat.com/6.1/sparc/nscd-2.1.3-22.sparc.rpm

Red Hat Inc. 6.1 sparcv9 glibc-2.1.3-22.sparcv9.rpm
ftp://updates.redhat.com/6.1/sparcv9/glibc-2.1.3-22.sparcv9.rpm

Turbolinux Turbolinux 6.1

TurboLinux 6.0 i386 glibc-2.1.3-27.i386.rpm
ftp://ftp.turbolinux.com/pub/updates/6.0/security/glibc-2.1.3-27.i386. rpm

TurboLinux 6.0 i386 glibc-devel-2.1.3-27.i386.rpm
ftp://ftp.turbolinux.com/pub/updates/6.0/security/glibc-devel-2.1.3-27 .i386.rpm

TurboLinux 6.0 i386 glibc-profile-2.1.3-27.i386.rpm
ftp://ftp.turbolinux.com/pub/updates/6.0/security/glibc-profile-2.1.3- 27.i386.rpm

Redhat Linux 6.1 alpha

Red Hat Inc. 6.1 alpha glibc-2.1.3-22.alpha.rpm
ftp://updates.redhat.com/6.1/alpha/glibc-2.1.3-22.alpha.rpm

Red Hat Inc. 6.1 alpha glibc-devel-2.1.3-22.alpha.rpm
ftp://updates.redhat.com/6.1/alpha/glibc-devel-2.1.3-22.alpha.rpm

Red Hat Inc. 6.1 alpha glibc-profile-2.1.3-22.alpha.rpm
ftp://updates.redhat.com/6.1/alpha/glibc-profile-2.1.3-22.alpha.rpm

Red Hat Inc. 6.1 alpha nscd-2.1.3-22.alpha.rpm
ftp://updates.redhat.com/6.1/alpha/nscd-2.1.3-22.alpha.rpm

Redhat Linux 6.1 i386

Red Hat Inc. 6.1 i386 glibc-2.1.3-22.i386.rpm
ftp://updates.redhat.com/6.1/i386/glibc-2.1.3-22.i386.rpm

Red Hat Inc. 6.1 i386 glibc-devel-2.1.3-22.i386.rpm
ftp://updates.redhat.com/6.1/i386/glibc-devel-2.1.3-22.i386.rpm

Red Hat Inc. 6.1 i386 glibc-profile-2.1.3-22.i386.rpm
ftp://updates.redhat.com/6.1/i386/glibc-profile-2.1.3-22.i386.rpm

Red Hat Inc. 6.1 i386 nscd-2.1.3-22.i386.rpm
ftp://updates.redhat.com/6.1/i386/nscd-2.1.3-22.i386.rpm

Mandriva Linux Mandrake 6.1

MandrakeSoft 6.1 i386 glibc-2.1.3-18.2mdk.i586.rpm
http://sunsite.ualberta.ca/pub/Mirror/Linux/mandrake/updates/6.1/RPMS/ glibc-2.1.3-18.2mdk.i586.rpm

MandrakeSoft 6.1 i386 glibc-devel-2.1.3-18.2mdk.i586.rpm
http://sunsite.ualberta.ca/pub/Mirror/Linux/mandrake/updates/6.1/RPMS/ glibc-devel-2.1.3-18.2mdk.i586.rpm

MandrakeSoft 6.1 i386 glibc-profile-2.1.3-18.2mdk.i586.rpm
http://sunsite.ualberta.ca/pub/Mirror/Linux/mandrake/updates/6.1/RPMS/ glibc-profile-2.1.3-18.2mdk.i586.rpm

Redhat Linux 6.2 alpha

Red Hat Inc. 6.2 alpha glibc-2.1.3-22.alpha.rpm
ftp://updates.redhat.com/6.2/alpha/glibc-2.1.3-22.alpha.rpm

Red Hat Inc. 6.2 alpha glibc-devel-2.1.3-22.alpha.rpm
ftp://updates.redhat.com/6.2/alpha/glibc-devel-2.1.3-22.alpha.rpm

Red Hat Inc. 6.2 alpha glibc-profile-2.1.3-22.alpha.rpm
ftp://updates.redhat.com/6.2/alpha/glibc-profile-2.1.3-22.alpha.rpm

Red Hat Inc. 6.2 alpha nscd-2.1.3-22.alpha.rpm
ftp://updates.redhat.com/6.2/alpha/nscd-2.1.3-22.alpha.rpm

Redhat Linux 6.2 i386

Red Hat Inc. 6.2 i386 glibc-2.1.3-22.i386.rpm
ftp://updates.redhat.com/6.2/i386/glibc-2.1.3-22.i386.rpm

Red Hat Inc. 6.2 i386 glibc-devel-2.1.3-22.i386.rpm
ftp://updates.redhat.com/6.2/i386/glibc-devel-2.1.3-22.i386.rpm

Red Hat Inc. 6.2 i386 glibc-profile-2.1.3-22.i386.rpm
ftp://updates.redhat.com/6.2/i386/glibc-profile-2.1.3-22.i386.rpm

Red Hat Inc. 6.2 i386 nscd-2.1.3-22.i386.rpm
ftp://updates.redhat.com/6.2/i386/nscd-2.1.3-22.i386.rpm

Redhat Linux 6.2 sparc

Red Hat Inc. 6.2 sparc glibc-2.1.3-22.sparc.rpm
ftp://updates.redhat.com/6.2/sparc/glibc-2.1.3-22.sparc.rpm

Red Hat Inc. 6.2 sparc glibc-devel-2.1.3-22.sparc.rpm
ftp://updates.redhat.com/6.2/sparc/glibc-devel-2.1.3-22.sparc.rpm

Red Hat Inc. 6.2 sparc glibc-profile-2.1.3-22.sparc.rpm
ftp://updates.redhat.com/6.2/sparc/glibc-profile-2.1.3-22.sparc.rpm

Red Hat Inc. 6.2 sparc nscd-2.1.3-22.sparc.rpm
ftp://updates.redhat.com/6.2/sparc/nscd-2.1.3-22.sparc.rpm

Red Hat Inc. 6.2 sparcv9 glibc-2.1.3-22.sparcv9.rpm
ftp://updates.redhat.com/6.2/sparcv9/glibc-2.1.3-22.sparcv9.rpm

Mandriva Linux Mandrake 7.0

MandrakeSoft 7.0 i386 glibc-2.1.3-18.2mdk.i586.rpm
http://sunsite.ualberta.ca/pub/Mirror/Linux/mandrake/updates/7.0/RPMS/ glibc-2.1.3-18.2mdk.i586.rpm

MandrakeSoft 7.0 i386 glibc-devel-2.1.3-18.2mdk.i586.rpm
http://sunsite.ualberta.ca/pub/Mirror/Linux/mandrake/updates/7.0/RPMS/ glibc-devel-2.1.3-18.2mdk.i586.rpm

MandrakeSoft 7.0 i386 glibc-profile-2.1.3-18.2mdk.i586.rpm
http://sunsite.ualberta.ca/pub/Mirror/Linux/mandrake/updates/7.0/RPMS/ glibc-profile-2.1.3-18.2mdk.i586.rpm

Mandriva Linux Mandrake 7.1

MandrakeSoft 7.1 i386 glibc-2.1.3-18.1mdk.i586.rpm
http://sunsite.ualberta.ca/pub/Mirror/Linux/mandrake/updates/7.1/RPMS/ glibc-2.1.3-18.1mdk.i586.rpm

MandrakeSoft 7.1 i386 glibc-devel-2.1.3-18.1mdk.i586.rpm
http://sunsite.ualberta.ca/pub/Mirror/Linux/mandrake/updates/7.1/RPMS/ glibc-devel-2.1.3-18.1mdk.i586.rpm

MandrakeSoft 7.1 i386 glibc-profile-2.1.3-18.1mdk.i586.rpm
http://sunsite.ualberta.ca/pub/Mirror/Linux/mandrake/updates/7.1/RPMS/ glibc-profile-2.1.3-18.1mdk.i586.rpm

Mandriva Linux Mandrake 7.2

MandrakeSoft 7.2 i386 glibc-2.1.3-18.3mdk.i586.rpm
http://sunsite.ualberta.ca/pub/Mirror/Linux/mandrake/updates/7.2/RPMS/ glibc-2.1.3-18.3mdk.i586.rpm

MandrakeSoft 7.2 i386 glibc-devel-2.1.3-18.3mdk.i586.rpm
http://sunsite.ualberta.ca/pub/Mirror/Linux/mandrake/updates/7.2/RPMS/ glibc-devel-2.1.3-18.3mdk.i586.rpm

MandrakeSoft 7.2 i386 glibc-profile-2.1.3-18.3mdk.i586.rpm
http://sunsite.ualberta.ca/pub/Mirror/Linux/mandrake/updates/7.2/RPMS/ glibc-profile-2.1.3-18.3mdk.i586.rpm

References

glibc LD_PRELOAD File Overwriting Vulnerability

References: