CVE-2011-1071

Severity

51%

Complexity

49%

Confidentiality

106%

The GNU C Library (aka glibc or libc6) before 2.12.2 and Embedded GLIBC (EGLIBC) allow context-dependent attackers to execute arbitrary code or cause a denial of service (memory consumption) via a long UTF8 string that is used in an fnmatch call, aka a "stack extension attack," a related issue to CVE-2010-2898, CVE-2010-1917, and CVE-2007-4782, as originally reported for use of this library by Google Chrome.

The GNU C Library (aka glibc or libc6) before 2.12.2 and Embedded GLIBC (EGLIBC) allow context-dependent attackers to execute arbitrary code or cause a denial of service (memory consumption) via a long UTF8 string that is used in an fnmatch call, aka a "stack extension attack," a related issue to CVE-2010-2898, CVE-2010-1917, and CVE-2007-4782, as originally reported for use of this library by Google Chrome.

CVSS 2.0 Base Score 5.1. CVSS Attack Vector: network. CVSS Attack Complexity: high. CVSS Vector: (AV:N/AC:H/Au:N/C:P/I:P/A:P).

Overview

First reported 13 years ago

2011-04-08 15:17:00

Last updated 6 years ago

2018-10-09 19:30:00

Affected Software

GNU glibc 1.00

1.00

GNU glibc 1.01

1.01

GNU glibc 1.02

1.02

GNU glibc 1.03

1.03

GNU glibc 1.04

1.04

GNU glibc 1.05

1.05

GNU glibc 1.06

1.06

GNU glibc 1.07

1.07

GNU glibc 1.08

1.08

GNU glibc 1.09

1.09

GNU glibc 1.09.1

1.09.1

GNU glibc 2.0

2.0

GNU glibc 2.0.1

2.0.1

GNU glibc 2.0.2

2.0.2

GNU glibc 2.0.3

2.0.3

GNU glibc 2.0.4

2.0.4

GNU glibc 2.0.5

2.0.5

GNU glibc 2.0.6

2.0.6

GNU glibc 2.1

2.1

GNU glibc 2.1.1

2.1.1

GNU glibc 2.1.1.6

2.1.1.6

GNU glibc 2.1.2

2.1.2

GNU glibc 2.1.3

2.1.3

GNU glibc 2.1.3.10

2.1.3.10

GNU glibc 2.1.9

2.1.9

GNU glibc 2.2

2.2

GNU glibc 2.2.1

2.2.1

GNU glibc 2.2.2

2.2.2

GNU glibc 2.2.3

2.2.3

GNU glibc 2.2.4

2.2.4

GNU glibc 2.2.5

2.2.5

GNU glibc 2.3

2.3

GNU glibc 2.3.1

2.3.1

GNU glibc 2.3.2

2.3.2

GNU glibc 2.3.3

2.3.3

GNU glibc 2.3.4

2.3.4

GNU glibc 2.3.5

2.3.5

GNU glibc 2.3.6

2.3.6

GNU glibc 2.3.10

2.3.10

GNU glibc 2.4

2.4

GNU glibc 2.5

2.5

GNU glibc 2.5.1

2.5.1

GNU glibc 2.6

2.6

GNU glibc 2.6.1

2.6.1

GNU glibc 2.7

2.7

GNU glibc 2.8

2.8

GNU glibc 2.9

2.9

GNU glibc 2.10

2.10

GNU glibc 2.10.1

2.10.1

GNU glibc 2.10.2

2.10.2

GNU glibc 2.11

2.11

GNU glibc 2.11.1

2.11.1

GNU glibc 2.11.2

2.11.2

GNU glibc 2.11.3

2.11.3

GNU glibc 2.12.0

2.12.0

GNU glibc

References

http://bugs.debian.org/615120

Exploit

http://code.google.com/p/chromium/issues/detail?id=48733

Exploit

[oss-security] 20110228 cve request: eglibc memory corruption

[oss-security] 20110228 Re: cve request: eglibc memory corruption

Exploit

[oss-security] 20110228 Re: cve request: eglibc memory corruption

http://scarybeastsecurity.blogspot.com/2011/02/i-got-accidental-code-execution-via.html

Exploit

20110224 glibc and alloca()

Exploit

20110226 Re: glibc and alloca()

Patch

43492

Vendor Advisory

43830

Vendor Advisory

43989

Vendor Advisory

46397

Vendor Advisory

8175

1025290

http://sourceware.org/bugzilla/show_bug.cgi?id=11883

Exploit

http://sourceware.org/git/?p=glibc.git;a=commit;h=f15ce4d8dc139523fe0c273580b604b2453acba6

Patch

MDVSA-2011:178

RHSA-2011:0412

Vendor Advisory

RHSA-2011:0413

Vendor Advisory

20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console

46563

Exploit

http://www.vmware.com/security/advisories/VMSA-2011-0012.html

ADV-2011-0863

Vendor Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=681054

Exploit, Patch

oval:org.mitre.oval:def:12853

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.