Detections
Analytics

SuSE 11.3 Security Update : glibc (SAT Patch Number 10259)

high Nessus Plugin ID 81295

Language:

Synopsis

The remote SuSE 11 host is missing one or more security updates.

Description

glibc has been updated to fix security issues and bugs :

 - Fix crashes on invalid input in IBM gconv modules.
 (CVE-2014-6040 / CVE-2012-6656, bsc#894553, bsc#894556, GLIBC BZ #17325, GLIBC BZ #14134)

 - Avoid infinite loop in nss_dns getnetbyname.
 (CVE-2014-9402)

 - Don't touch user-controlled stdio locks in forked child.
 (bsc#864081, GLIBC BZ #12847)

 - Unlock mutex before going back to waiting for PI mutexes. (bsc#891843, GLIBC BZ #14417)

 - Implement x86 cpuid handling of leaf4 for cache information. (bsc#903288, GLIBC BZ #12587)

 - Fix infinite loop in check_pf. (bsc#909053, GLIBC BZ #12926)

Solution

Apply SAT patch number 10259.

See Also

https://bugzilla.novell.com/show_bug.cgi?id=864081

https://bugzilla.novell.com/show_bug.cgi?id=891843

https://bugzilla.novell.com/show_bug.cgi?id=894553

https://bugzilla.novell.com/show_bug.cgi?id=894556

https://bugzilla.novell.com/show_bug.cgi?id=903288

https://bugzilla.novell.com/show_bug.cgi?id=909053

http://support.novell.com/security/cve/CVE-2012-6656.html

http://support.novell.com/security/cve/CVE-2014-6040.html

http://support.novell.com/security/cve/CVE-2014-9402.html

Plugin Details

Severity: High

ID: 81295

File Name: suse_11_glibc-150129.nasl

Version: 1.7

Type: local

Agent: unix

Published: 2/11/2015

Updated: 1/6/2021

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v2

Risk Factor: High

Base Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:11:glibc-i18ndata, p-cpe:/a:novell:suse_linux:11:glibc-info, p-cpe:/a:novell:suse_linux:11:glibc-profile, p-cpe:/a:novell:suse_linux:11:glibc-32bit, p-cpe:/a:novell:suse_linux:11:glibc-html, p-cpe:/a:novell:suse_linux:11:glibc, p-cpe:/a:novell:suse_linux:11:nscd, p-cpe:/a:novell:suse_linux:11:glibc-profile-32bit, p-cpe:/a:novell:suse_linux:11:glibc-locale, cpe:/o:novell:suse_linux:11, p-cpe:/a:novell:suse_linux:11:glibc-devel-32bit, p-cpe:/a:novell:suse_linux:11:glibc-devel, p-cpe:/a:novell:suse_linux:11:glibc-locale-32bit

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Patch Publication Date: 1/29/2015

Reference Information

CVE: CVE-2012-6656, CVE-2014-6040, CVE-2014-9402