Red Hat SBLIM Insecure Library Path Local Privilege Escalation Vulnerability
BID:29913
Info
Red Hat SBLIM Insecure Library Path Local Privilege Escalation Vulnerability
| Bugtraq ID: | 29913 |
| Class: | Design Error |
| CVE: |
CVE-2008-1951 |
| Remote: | No |
| Local: | Yes |
| Published: | Jun 24 2008 12:00AM |
| Updated: | Mar 05 2009 05:26PM |
| Credit: | The vendor |
| Vulnerable: |
Redhat Enterprise Linux WS 5 Redhat Enterprise Linux WS 4 Redhat Enterprise Linux ES 4 Redhat Enterprise Linux Desktop 5 client Redhat Enterprise Linux AS 4 Redhat Enterprise Linux 5 server Redhat Desktop 4.0 Avaya Message Networking 3.1 Avaya Intuity AUDIX LX 2.0 |
| Not Vulnerable: | |
Discussion
Red Hat SBLIM Insecure Library Path Local Privilege Escalation Vulnerability
Red Hat Linux SBLIM packages are prone to a local privilege-escalation vulnerability because they were built with insecure library search paths.
Exploiting this issue allows local attackers to execute arbitrary code with the privileges of the user running the affected application.
SBLIM packages built and shipped with the following versions of Red Hat are affected:
Red Hat Enterprise Linux Workstation 5
Red Hat Desktop 4
Red Hat Enterprise Linux 5 server
Red Hat Enterprise Linux AS 4
Red Hat Enterprise Linux Desktop 5 client
Red Hat Enterprise Linux ES 4
Red Hat Enterprise Linux WS 4
Red Hat Linux SBLIM packages are prone to a local privilege-escalation vulnerability because they were built with insecure library search paths.
Exploiting this issue allows local attackers to execute arbitrary code with the privileges of the user running the affected application.
SBLIM packages built and shipped with the following versions of Red Hat are affected:
Red Hat Enterprise Linux Workstation 5
Red Hat Desktop 4
Red Hat Enterprise Linux 5 server
Red Hat Enterprise Linux AS 4
Red Hat Enterprise Linux Desktop 5 client
Red Hat Enterprise Linux ES 4
Red Hat Enterprise Linux WS 4
Exploit / POC
Red Hat SBLIM Insecure Library Path Local Privilege Escalation Vulnerability
An attacker can exploit this issue by gaining local interactive access to the affected computer.
An attacker can exploit this issue by gaining local interactive access to the affected computer.
Solution / Fix
Red Hat SBLIM Insecure Library Path Local Privilege Escalation Vulnerability
Solution:
Please see the referenced advisory for information on obtaining and applying the appropriate updates.
Solution:
Please see the referenced advisory for information on obtaining and applying the appropriate updates.
References
Red Hat SBLIM Insecure Library Path Local Privilege Escalation Vulnerability
References:
References: