New Search

GNU Libtool 'libltdl' Library Search Path Local Privilege Escalation Vulnerability

oval:org.mitre.oval:def:6951

ltdl.c in libltdl in GNU Libtool 1.5.x and 2.2.6 before 2.2.6b as used in Ham Radio Control Libraries Q and possibly other products attempts to open a .la file in the current working directory which allows local users to gain privileges via a Trojan horse file.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • VMWare ESX Server 4.0
Class:
vulnerability
Reference(s):
  • CVE-2009-3736
Product(s):