CVE-2011-1095

EUVD-2011-1109
locale/programs/locale.c in locale in the GNU C Library (aka glibc or libc6) before 2.13 does not quote its output, which might allow local users to gain privileges via a crafted localization environment variable, in conjunction with a program that executes a script that uses the eval function.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.2 UNKNOWN
LOCAL
HIGH
AV:L/AC:H/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 24%
Affected Products (NVD)
VendorProductVersion
gnuglibc
𝑥
≤ 2.12.2
gnuglibc
1.00
gnuglibc
1.01
gnuglibc
1.02
gnuglibc
1.03
gnuglibc
1.04
gnuglibc
1.05
gnuglibc
1.06
gnuglibc
1.07
gnuglibc
1.08
gnuglibc
1.09
gnuglibc
1.09.1
gnuglibc
2.0
gnuglibc
2.0.1
gnuglibc
2.0.2
gnuglibc
2.0.3
gnuglibc
2.0.4
gnuglibc
2.0.5
gnuglibc
2.0.6
gnuglibc
2.1
gnuglibc
2.1.1
gnuglibc
2.1.1.6
gnuglibc
2.1.2
gnuglibc
2.1.3
gnuglibc
2.1.3.10
gnuglibc
2.1.9
gnuglibc
2.2
gnuglibc
2.2.1
gnuglibc
2.2.2
gnuglibc
2.2.3
gnuglibc
2.2.4
gnuglibc
2.2.5
gnuglibc
2.3
gnuglibc
2.3.1
gnuglibc
2.3.2
gnuglibc
2.3.3
gnuglibc
2.3.4
gnuglibc
2.3.5
gnuglibc
2.3.6
gnuglibc
2.3.10
gnuglibc
2.4
gnuglibc
2.5
gnuglibc
2.5.1
gnuglibc
2.6
gnuglibc
2.6.1
gnuglibc
2.7
gnuglibc
2.8
gnuglibc
2.9
gnuglibc
2.10
gnuglibc
2.10.1
gnuglibc
2.10.2
gnuglibc
2.11
gnuglibc
2.11.1
gnuglibc
2.11.2
gnuglibc
2.11.3
gnuglibc
2.12.0
gnuglibc
2.12.1
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
glibc
bookworm
2.36-9+deb12u8
fixed
bookworm (security)
2.36-9+deb12u7
fixed
bullseye
2.31-13+deb11u11
fixed
bullseye (security)
2.31-13+deb11u10
fixed
lenny
no-dsa
sid
2.40-3
fixed
trixie
2.40-3
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
eglibc
dapper
dne
hardy
dne
karmic
ignored
lucid
Fixed 2.11.1-0ubuntu7.10
released
maverick
Fixed 2.12.1-0ubuntu10.4
released
natty
not-affected
oneiric
not-affected
glibc
dapper
ignored
hardy
Fixed 2.7-10ubuntu8.1
released
karmic
dne
lucid
dne
maverick
dne
natty
dne
oneiric
dne
Common Weakness Enumeration
References
http://bugs.gentoo.org/show_bug.cgi?id=330923
http://openwall.com/lists/oss-security/2011/03/08/21
http://openwall.com/lists/oss-security/2011/03/08/22
http://openwall.com/lists/oss-security/2011/03/08/8
http://secunia.com/advisories/43830
http://secunia.com/advisories/43976
http://secunia.com/advisories/43989
http://secunia.com/advisories/46397
http://security.gentoo.org/glsa/glsa-201011-01.xml
http://securitytracker.com/id?1025286
http://sources.redhat.com/bugzilla/show_bug.cgi?id=11904
http://sourceware.org/bugzilla/show_bug.cgi?id=11904
http://sourceware.org/git/?p=glibc.git%3Ba=patch%3Bh=026373745eab50a683536d950cb7e17dc98c4259
http://www.mandriva.com/security/advisories?name=MDVSA-2011:178
http://www.redhat.com/support/errata/RHSA-2011-0412.html
http://www.redhat.com/support/errata/RHSA-2011-0413.html
http://www.securityfocus.com/archive/1/520102/100/0/threaded
http://www.vmware.com/security/advisories/VMSA-2011-0012.html
http://www.vupen.com/english/advisories/2011/0863
https://bugzilla.redhat.com/show_bug.cgi?id=625893
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12272
http://bugs.gentoo.org/show_bug.cgi?id=330923
http://openwall.com/lists/oss-security/2011/03/08/21
http://openwall.com/lists/oss-security/2011/03/08/22
http://openwall.com/lists/oss-security/2011/03/08/8
http://secunia.com/advisories/43830
http://secunia.com/advisories/43976
http://secunia.com/advisories/43989
http://secunia.com/advisories/46397
http://security.gentoo.org/glsa/glsa-201011-01.xml
http://securitytracker.com/id?1025286
http://sources.redhat.com/bugzilla/show_bug.cgi?id=11904
http://sourceware.org/bugzilla/show_bug.cgi?id=11904
http://sourceware.org/git/?p=glibc.git%3Ba=patch%3Bh=026373745eab50a683536d950cb7e17dc98c4259
http://www.mandriva.com/security/advisories?name=MDVSA-2011:178
http://www.redhat.com/support/errata/RHSA-2011-0412.html
http://www.redhat.com/support/errata/RHSA-2011-0413.html
http://www.securityfocus.com/archive/1/520102/100/0/threaded
http://www.vmware.com/security/advisories/VMSA-2011-0012.html
http://www.vupen.com/english/advisories/2011/0863
https://bugzilla.redhat.com/show_bug.cgi?id=625893
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12272