Novell Home

CVE-2009-3736

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2009-3736 at MITRE

Description

ltdl.c in libltdl in GNU Libtool 1.5.x, and 2.2.6 before 2.2.6b, as used in Ham Radio Control Libraries, Q, and possibly other products, attempts to open a .la file in the current working directory, which allows local users to gain privileges via a Trojan horse file.

NVD CVSS v2 Base Score: 6.9 (AV:L/AC:M/Au:N/C:C/I:C/A:C)

Novell/SUSE information

Novell Bugzilla entry: 556122

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Linux Enterprise Desktop 10 SP3 for x86
SUSE Linux Enterprise Server 10 SP3
  • libtool >= 1.5.22-13.16.1
sles10-sp3.ia64
sles10-sp3.ppc
sles10-sp3.x86
sles10-sp3.x86-64
sles10-sp3.s390x
sled10-sp3.x86
sled10-sp3.x86-64
ZYPP Patch Nr: 6683
SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T
SUSE Linux Enterprise SDK 10 SP3
SUSE Linux Enterprise Server 10 SP3
  • libtool >= 1.5.22-13.16.1
  • libtool-32bit >= 1.5.22-13.16.1
sles10-sp3.ia64
sles10-sp3.ppc
sles10-sp3.x86
sles10-sp3.x86-64
sles10-sp3.s390x
sled10-sp3.x86
sled10-sp3.x86-64
ZYPP Patch Nr: 6683
SUSE Linux Enterprise Server 10 SP3
  • libtool >= 1.5.22-13.16.1
  • libtool-x86 >= 1.5.22-13.16.1
sles10-sp3.ia64
sles10-sp3.ppc
sles10-sp3.x86
sles10-sp3.x86-64
sles10-sp3.s390x
sled10-sp3.x86
sled10-sp3.x86-64
ZYPP Patch Nr: 6683
SUSE Linux Enterprise Server 10 SP3
  • libtool >= 1.5.22-13.16.1
  • libtool-64bit >= 1.5.22-13.16.1
sles10-sp3.ia64
sles10-sp3.ppc
sles10-sp3.x86
sles10-sp3.x86-64
sles10-sp3.s390x
sled10-sp3.x86
sled10-sp3.x86-64
ZYPP Patch Nr: 6683
SUSE Linux Enterprise 11 Moblin 2.0
  • libtool-debuginfo >= 2.2.6-2.131.1
  • libtool-debugsource >= 2.2.6-2.131.1
SAT Patch Nr: 1624
SUSE Linux Enterprise 11 Moblin 2.0
  • libltdl7 >= 2.2.6-2.131.1
  • libtool >= 2.2.6-2.131.1
SAT Patch Nr: 1624
Novell Linux Desktop 9 for x86
Open Enterprise Server
  • libtool >= 1.5.2-56.5
core9.x86-64
core9.x86
core9.ia64
core9.ppc
sles9-nld.x86-64
sles9-nld.x86
core9.s390
core9.s390x
sles9-nlpos.x86
sles9-oes.x86
YOU Patch Nr: 12554
Novell Linux Desktop 9 for x86_64
  • libtool >= 1.5.2-56.5
  • libtool-32bit >= 9-200912011711
core9.x86-64
core9.x86
core9.ia64
core9.ppc
sles9-nld.x86-64
sles9-nld.x86
core9.s390
core9.s390x
sles9-nlpos.x86
sles9-oes.x86
YOU Patch Nr: 12554
SUSE Linux Enterprise SDK 11 GA
  • libtool >= 2.2.6-2.131.1
sle11-sdk.x86
sle11-debuginfo.s390x
sle11-debuginfo.ia64
sle11-sdk.x86-64
sles11.s390x
sled11.x86-64
sle11-debuginfo.x86-64
sles11.ppc
sled11.x86
sle11-debuginfo.x86
sle11-debuginfo.ppc
sles11.x86-64
sles11.ia64
sles11.x86
SAT Patch Nr: 1626
SUSE Linux Enterprise SDK 11 GA
  • libtool >= 2.2.6-2.131.1
  • libtool-32bit >= 2.2.6-2.131.1
sle11-sdk.x86
sle11-debuginfo.s390x
sle11-debuginfo.ia64
sle11-sdk.x86-64
sles11.s390x
sled11.x86-64
sle11-debuginfo.x86-64
sles11.ppc
sled11.x86
sle11-debuginfo.x86
sle11-debuginfo.ppc
sles11.x86-64
sles11.ia64
sles11.x86
SAT Patch Nr: 1626
SUSE Linux Enterprise Desktop 11 GA
  • libltdl7 >= 2.2.6-2.131.1
sle11-sdk.x86
sle11-debuginfo.s390x
sle11-debuginfo.ia64
sle11-sdk.x86-64
sles11.s390x
sled11.x86-64
sle11-debuginfo.x86-64
sles11.ppc
sled11.x86
sle11-debuginfo.x86
sle11-debuginfo.ppc
sles11.x86-64
sles11.ia64
sles11.x86
SAT Patch Nr: 1626
SUSE Linux Enterprise Desktop 11 GA
  • libltdl7 >= 2.2.6-2.131.1
  • libltdl7-32bit >= 2.2.6-2.131.1
sle11-sdk.x86
sle11-debuginfo.s390x
sle11-debuginfo.ia64
sle11-sdk.x86-64
sles11.s390x
sled11.x86-64
sle11-debuginfo.x86-64
sles11.ppc
sled11.x86
sle11-debuginfo.x86
sle11-debuginfo.ppc
sles11.x86-64
sles11.ia64
sles11.x86
SAT Patch Nr: 1626
SUSE Linux Enterprise Server 11 GA
  • libltdl7 >= 2.2.6-2.131.1
  • libtool >= 2.2.6-2.131.1
sle11-sdk.x86
sle11-debuginfo.s390x
sle11-debuginfo.ia64
sle11-sdk.x86-64
sles11.s390x
sled11.x86-64
sle11-debuginfo.x86-64
sles11.ppc
sled11.x86
sle11-debuginfo.x86
sle11-debuginfo.ppc
sles11.x86-64
sles11.ia64
sles11.x86
SAT Patch Nr: 1626
SUSE Linux Enterprise Server 11 GA
  • libltdl7 >= 2.2.6-2.131.1
  • libltdl7-x86 >= 2.2.6-2.131.1
  • libtool >= 2.2.6-2.131.1
  • libtool-x86 >= 2.2.6-2.131.1
sle11-sdk.x86
sle11-debuginfo.s390x
sle11-debuginfo.ia64
sle11-sdk.x86-64
sles11.s390x
sled11.x86-64
sle11-debuginfo.x86-64
sles11.ppc
sled11.x86
sle11-debuginfo.x86
sle11-debuginfo.ppc
sles11.x86-64
sles11.ia64
sles11.x86
SAT Patch Nr: 1626
SUSE Linux Enterprise Server 11 GA
  • libltdl7 >= 2.2.6-2.131.1
  • libltdl7-32bit >= 2.2.6-2.131.1
  • libtool >= 2.2.6-2.131.1
  • libtool-32bit >= 2.2.6-2.131.1
sle11-sdk.x86
sle11-debuginfo.s390x
sle11-debuginfo.ia64
sle11-sdk.x86-64
sles11.s390x
sled11.x86-64
sle11-debuginfo.x86-64
sles11.ppc
sled11.x86
sle11-debuginfo.x86
sle11-debuginfo.ppc
sles11.x86-64
sles11.ia64
sles11.x86
SAT Patch Nr: 1626
openSUSE 11.0
  • libtool-debuginfo >= 1.5.26-23.2
  • libtool-debugsource >= 1.5.26-23.2
openSUSE 11.0
  • libltdl-3 >= 1.5.26-23.2
  • libltdl-3-32bit >= 1.5.26-23.2
  • libltdl-3-64bit >= 1.5.26-23.2
  • libtool >= 1.5.26-23.2
  • libtool-32bit >= 1.5.26-23.2
  • libtool-64bit >= 1.5.26-23.2
openSUSE 11.1
  • libtool-debuginfo >= 2.2.6-1.36.1
  • libtool-debuginfo-32bit >= 2.2.6-1.36.1
  • libtool-debuginfo-64bit >= 2.2.6-1.36.1
  • libtool-debugsource >= 2.2.6-1.36.1
openSUSE 11.1
  • libltdl7 >= 2.2.6-1.36.1
  • libltdl7-32bit >= 2.2.6-1.36.1
  • libltdl7-64bit >= 2.2.6-1.36.1
  • libtool >= 2.2.6-1.36.1
  • libtool-32bit >= 2.2.6-1.36.1
  • libtool-64bit >= 2.2.6-1.36.1
openSUSE 11.2
  • libltdl7-debuginfo >= 2.2.6-47.451.1
  • libtool-debugsource >= 2.2.6-47.451.1
openSUSE 11.2
  • libltdl7 >= 2.2.6-47.451.1
  • libltdl7-32bit >= 2.2.6-47.451.1
  • libtool >= 2.2.6-47.451.1
  • libtool-32bit >= 2.2.6-47.451.1

© 2014 Novell