
Mono 'LD_LIBRARY_PATH' Local Privilege Escalation Vulnerability

http://www.securityfocus.com/bid/44351

Security Info

Bugtraq ID: 44351
Class: Design Error
CVE: CVE-2010-3369
Remote: No
Local: Yes
Published: Sep 28 2010 12:00AM
Updated: Jun 22 2012 12:20AM
Credit: Raphael Geissert
Vulnerable: Mono Mono 2.4.3-2
Gentoo Linux
Not Vulnerable: Mono Mono 2.8.1

Security Discussion

Mono is prone to a local privilege-escalation vulnerability.

An attacker could exploit this issue by enticing an unsuspecting victim to run an application in a directory containing a malicious library file with a specific name. Exploiting this issue allows local attackers to execute arbitrary code with the privileges of the user running the affected application.

Mono 2.4.3-2 is vulnerable; other versions may also be affected.
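The following audit check is an added example, not code from the advisory or from Mono. The advisory does not describe the mechanism, so this assumes the usual cause for this class of bug: a wrapper script builds `LD_LIBRARY_PATH` so that it contains an empty entry, which the dynamic loader treats as the current working directory. The function names and `/opt/example/lib` are hypothetical.

```shell
#!/bin/sh
# Added example. Directory names below are constructed placeholders.

# Fragile wrapper idiom: with an empty second argument this yields "DIR:",
# whose trailing empty entry the loader resolves to the working directory.
naive_prepend() {
    printf '%s\n' "$1:$2"
}

# Safe idiom: emit the separator only when there is an existing value.
prepend_libdir() {
    printf '%s\n' "$1${2:+:$2}"
}

# count_cwd_entries PATHSTRING
# Prints how many entries are empty or not absolute, i.e. depend on the cwd.
count_cwd_entries() {
    path=$1
    count=0
    if [ -z "$path" ]; then   # empty value: nothing to flag
        echo 0
        return 0
    fi
    # ld.so accepts ':' and ';' as separators; normalise, then add a
    # sentinel ':' so a trailing empty entry is still visited.
    rest="$(printf '%s' "$path" | tr ';' ':'):"
    while [ -n "$rest" ]; do
        entry=${rest%%:*}
        rest=${rest#*:}
        case $entry in
            /*) ;;                       # absolute directory
            *)  count=$((count + 1)) ;;  # empty or relative entry
        esac
    done
    echo "$count"
}

# Constructed demo: the caller's LD_LIBRARY_PATH is empty.
for f in naive_prepend prepend_libdir; do
    value=$("$f" /opt/example/lib "")
    echo "$f -> '$value' ($(count_cwd_entries "$value") cwd-dependent entries)"
done
```

Running `count_cwd_entries "$LD_LIBRARY_PATH"` at the end of a launcher script, or over the values found in packaged wrapper scripts, flags any search path that would pick up libraries from wherever the user happens to be.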

Proof of Concept and Security Exploits

An attacker may exploit this issue using commonly available tools.

Security Solution(s)

Solution:
Updates are available. Please see the references for more information.

Security Reference(s)

References:

Site Updated May 23, 2013
©2000-2013 Emagined Security
All Rights Reserved