Test ID:	1.3.6.1.4.1.25623.1.0.69610
Category:	CentOS Local Security Checks
Title:	CentOS Security Advisory CESA-2011:0412 (glibc)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing updates to glibc announced in advisory CESA-2011:0412. For details on the issues addressed in this update, please visit the referenced security advisories. Solution: Update the appropriate packages on your system. http://www.securityspace.com/smysecure/catid.html?in=CESA-2011:0412 http://www.securityspace.com/smysecure/catid.html?in=RHSA-2011:0412 https://rhn.redhat.com/errata/RHSA-2011-0412.html Risk factor : High CVSS Score: 7.2
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2010-0296 1024043 http://securitytracker.com/id?1024043 20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console http://www.securityfocus.com/archive/1/520102/100/0/threaded 20190612 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series http://seclists.org/fulldisclosure/2019/Jun/18 20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series https://seclists.org/bugtraq/2019/Jun/14 39900 http://secunia.com/advisories/39900 43830 http://secunia.com/advisories/43830 46397 http://secunia.com/advisories/46397 ADV-2010-1246 http://www.vupen.com/english/advisories/2010/1246 ADV-2011-0863 http://www.vupen.com/english/advisories/2011/0863 DSA-2058 http://www.debian.org/security/2010/dsa-2058 GLSA-201011-01 http://security.gentoo.org/glsa/glsa-201011-01.xml MDVSA-2010:111 http://www.mandriva.com/security/advisories?name=MDVSA-2010:111 MDVSA-2010:112 http://www.mandriva.com/security/advisories?name=MDVSA-2010:112 RHSA-2011:0412 http://www.redhat.com/support/errata/RHSA-2011-0412.html SUSE-SA:2010:052 https://lists.opensuse.org/opensuse-security-announce/2010-10/msg00007.html USN-944-1 http://www.ubuntu.com/usn/USN-944-1 gnuclibrary-encodenamemacro-dos(59240) https://exchange.xforce.ibmcloud.com/vulnerabilities/59240 http://frugalware.org/security/662 http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html http://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=ab00f4eac8f4932211259ff87be83144f5211540 http://www.vmware.com/security/advisories/VMSA-2011-0012.html https://bugzilla.redhat.com/show_bug.cgi?id=559579 Common Vulnerability Exposure (CVE) ID: CVE-2011-0536 1025289 http://securitytracker.com/id?1025289 43989 http://secunia.com/advisories/43989 DSA-2122-2 http://lists.debian.org/debian-security-announce/2011/msg00005.html MDVSA-2011:178 http://www.mandriva.com/security/advisories?name=MDVSA-2011:178 RHSA-2011:0413 http://www.redhat.com/support/errata/RHSA-2011-0413.html USN-1009-2 http://www.ubuntu.com/usn/USN-1009-2 [oss-security] 20110203 CVE request: glibc CVE-2010-3847 fix regression http://openwall.com/lists/oss-security/2011/02/01/3 [oss-security] 20110203 Re: CVE request: glibc CVE-2010-3847 fix regression http://openwall.com/lists/oss-security/2011/02/03/2 http://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=96611391ad8823ba58405325d78cefeae5cdf699 https://bugzilla.redhat.com/show_bug.cgi?id=667974 https://launchpad.net/bugs/701783 oval:org.mitre.oval:def:13086 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13086 Common Vulnerability Exposure (CVE) ID: CVE-2011-1071 1025290 http://securitytracker.com/id?1025290 20110224 glibc and alloca() http://seclists.org/fulldisclosure/2011/Feb/635 20110226 Re: glibc and alloca() http://seclists.org/fulldisclosure/2011/Feb/644 43492 http://secunia.com/advisories/43492 46563 http://www.securityfocus.com/bid/46563 8175 http://securityreason.com/securityalert/8175 [oss-security] 20110228 Re: cve request: eglibc memory corruption http://openwall.com/lists/oss-security/2011/02/28/11 http://openwall.com/lists/oss-security/2011/02/28/15 [oss-security] 20110228 cve request: eglibc memory corruption http://openwall.com/lists/oss-security/2011/02/26/3 http://bugs.debian.org/615120 http://code.google.com/p/chromium/issues/detail?id=48733 http://scarybeastsecurity.blogspot.com/2011/02/i-got-accidental-code-execution-via.html http://sourceware.org/bugzilla/show_bug.cgi?id=11883 http://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=f15ce4d8dc139523fe0c273580b604b2453acba6 https://bugzilla.redhat.com/show_bug.cgi?id=681054 oval:org.mitre.oval:def:12853 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12853 Common Vulnerability Exposure (CVE) ID: CVE-2011-1095 1025286 http://securitytracker.com/id?1025286 43976 http://secunia.com/advisories/43976 [oss-security] 20110308 Re: glibc locale escaping issue http://openwall.com/lists/oss-security/2011/03/08/21 http://openwall.com/lists/oss-security/2011/03/08/22 [oss-security] 20110308 glibc locale escaping issue http://openwall.com/lists/oss-security/2011/03/08/8 http://bugs.gentoo.org/show_bug.cgi?id=330923 http://sources.redhat.com/bugzilla/show_bug.cgi?id=11904 http://sourceware.org/bugzilla/show_bug.cgi?id=11904 http://sourceware.org/git/?p=glibc.git%3Ba=patch%3Bh=026373745eab50a683536d950cb7e17dc98c4259 https://bugzilla.redhat.com/show_bug.cgi?id=625893 oval:org.mitre.oval:def:12272 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12272 Common Vulnerability Exposure (CVE) ID: CVE-2010-3847 20101018 The GNU C library dynamic linker expands $ORIGIN in setuid library search path http://seclists.org/fulldisclosure/2010/Oct/257 20101019 Re: The GNU C library dynamic linker expands $ORIGIN in setuid library search path http://seclists.org/fulldisclosure/2010/Oct/292 20101020 Re: The GNU C library dynamic linker expands $ORIGIN in setuid library search path http://seclists.org/fulldisclosure/2010/Oct/294 20110105 VMSA-2011-0001 VMware ESX third party updates for Service Console packages glibc, sudo, and openldap http://www.securityfocus.com/archive/1/515545/100/0/threaded 42787 http://secunia.com/advisories/42787 44024 https://www.exploit-db.com/exploits/44024/ 44025 https://www.exploit-db.com/exploits/44025/ 44154 http://www.securityfocus.com/bid/44154 ADV-2011-0025 http://www.vupen.com/english/advisories/2011/0025 DSA-2122 http://www.debian.org/security/2010/dsa-2122 MDVSA-2010:207 http://www.mandriva.com/security/advisories?name=MDVSA-2010:207 RHSA-2010:0787 https://rhn.redhat.com/errata/RHSA-2010-0787.html RHSA-2010:0872 http://www.redhat.com/support/errata/RHSA-2010-0872.html USN-1009-1 http://www.ubuntu.com/usn/USN-1009-1 VU#537223 http://www.kb.cert.org/vuls/id/537223 [libc-hacker] 20101018 [PATCH] Never expand $ORIGIN in privileged programs http://sourceware.org/ml/libc-hacker/2010-10/msg00007.html http://support.avaya.com/css/P8/documents/100120941 http://www.vmware.com/security/advisories/VMSA-2011-0001.html https://bugzilla.redhat.com/show_bug.cgi?id=643306
Copyright	Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.