SECURITY BLOG SECURITY DASHBOARD PARTNERS PRODUCTS JOBS SERVICES COMPANY HOME

Network Security Consulting Advisories Article

Mono 'loader.c' Library Loading Local Privilege Escalation Vulnerability

http://www.securityfocus.com/bid/44810

Security Info

Bugtraq ID:	44810
Class:	Design Error
CVE:	CVE-2010-4159
Remote:	No
Local:	Yes
Published:	Nov 10 2010 12:00AM
Updated:	Jun 22 2012 12:20AM
Credit:	Richard Brooksby
Vulnerable:	SuSE SUSE Linux Enterprise 11 SP1 SuSE SUSE Linux Enterprise 11 SuSE SUSE Linux Enterprise 10 SP4 SuSE SUSE Linux Enterprise 10 SP3 Red Hat Fedora 14 Mono Mono 2.8 Mandriva Linux Mandrake 2010.1 x86_64 Mandriva Linux Mandrake 2010.1 Mandriva Linux Mandrake 2010.0 x86_64 Mandriva Linux Mandrake 2010.0 Mandriva Linux Mandrake 2009.0 x86_64 Mandriva Linux Mandrake 2009.0 MandrakeSoft Enterprise Server 5 x86_64 MandrakeSoft Enterprise Server 5 Gentoo Linux

Not Vulnerable:

Security Discussion

Mono is prone to a local privilege-escalation vulnerability.

An attacker could exploit this issue by enticing an unsuspecting victim to run an application in a directory containing a malicious library file with a specific name. Exploiting this issue allows local attackers to execute arbitrary code with the privileges of the user running the affected application.

Proof of Concept and Security Exploits

An attacker may exploit this issue using commonly available tools.

Security Solution(s)

Solution:
Updates are available. Please see the references for more information.

Mandriva Linux Mandrake 2009.0 x86_64

Mandriva jay-1.9.1-5.3mdv2009.0.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva lib64mono-devel-1.9.1-5.3mdv2009.0.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva lib64mono0-1.9.1-5.3mdv2009.0.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva mono-1.9.1-5.3mdv2009.0.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva mono-bytefx-data-mysql-1.9.1-5.3mdv2009.0.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva mono-data-1.9.1-5.3mdv2009.0.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva mono-data-firebird-1.9.1-5.3mdv2009.0.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva mono-data-oracle-1.9.1-5.3mdv2009.0.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva mono-data-postgresql-1.9.1-5.3mdv2009.0.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva mono-data-sqlite-1.9.1-5.3mdv2009.0.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva mono-data-sybase-1.9.1-5.3mdv2009.0.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva mono-doc-1.9.1-5.3mdv2009.0.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva mono-extras-1.9.1-5.3mdv2009.0.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva mono-ibm-data-db2-1.9.1-5.3mdv2009.0.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva mono-jscript-1.9.1-5.3mdv2009.0.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva mono-locale-extras-1.9.1-5.3mdv2009.0.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva mono-nunit-1.9.1-5.3mdv2009.0.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva mono-web-1.9.1-5.3mdv2009.0.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva mono-winforms-1.9.1-5.3mdv2009.0.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva Linux Mandrake 2010.0 x86_64

Mandriva jay-2.4.2.3-2.2mdv2010.0.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva lib64mono-devel-2.4.2.3-2.2mdv2010.0.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva lib64mono0-2.4.2.3-2.2mdv2010.0.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva mono-2.4.2.3-2.2mdv2010.0.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva mono-bytefx-data-mysql-2.4.2.3-2.2mdv2010.0.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva mono-data-2.4.2.3-2.2mdv2010.0.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva mono-data-firebird-2.4.2.3-2.2mdv2010.0.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva mono-data-oracle-2.4.2.3-2.2mdv2010.0.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva mono-data-postgresql-2.4.2.3-2.2mdv2010.0.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva mono-data-sqlite-2.4.2.3-2.2mdv2010.0.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva mono-data-sybase-2.4.2.3-2.2mdv2010.0.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva mono-doc-2.4.2.3-2.2mdv2010.0.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva mono-extras-2.4.2.3-2.2mdv2010.0.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva mono-ibm-data-db2-2.4.2.3-2.2mdv2010.0.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva mono-jscript-2.4.2.3-2.2mdv2010.0.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva mono-locale-extras-2.4.2.3-2.2mdv2010.0.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva mono-nunit-2.4.2.3-2.2mdv2010.0.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva mono-wcf-2.4.2.3-2.2mdv2010.0.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva mono-web-2.4.2.3-2.2mdv2010.0.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva mono-winforms-2.4.2.3-2.2mdv2010.0.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva monodoc-core-2.4.2.3-2.2mdv2010.0.x86_64.rpm
http://www.mandriva.com/en/download/

MandrakeSoft Enterprise Server 5

Mandriva jay-1.9.1-5.3mdvmes5.1.i586.rpm
http://www.mandriva.com/en/download/

Mandriva libmono-devel-1.9.1-5.3mdvmes5.1.i586.rpm
http://www.mandriva.com/en/download/

Mandriva libmono0-1.9.1-5.3mdvmes5.1.i586.rpm
http://www.mandriva.com/en/download/

Mandriva mono-1.9.1-5.3mdvmes5.1.i586.rpm
http://www.mandriva.com/en/download/

Mandriva mono-bytefx-data-mysql-1.9.1-5.3mdvmes5.1.i586.rpm
http://www.mandriva.com/en/download/

Mandriva mono-data-1.9.1-5.3mdvmes5.1.i586.rpm
http://www.mandriva.com/en/download/

Mandriva mono-data-firebird-1.9.1-5.3mdvmes5.1.i586.rpm
http://www.mandriva.com/en/download/

Mandriva mono-data-oracle-1.9.1-5.3mdvmes5.1.i586.rpm
http://www.mandriva.com/en/download/

Mandriva mono-data-postgresql-1.9.1-5.3mdvmes5.1.i586.rpm
http://www.mandriva.com/en/download/

Mandriva mono-data-sqlite-1.9.1-5.3mdvmes5.1.i586.rpm
http://www.mandriva.com/en/download/

Mandriva mono-data-sybase-1.9.1-5.3mdvmes5.1.i586.rpm
http://www.mandriva.com/en/download/

Mandriva mono-doc-1.9.1-5.3mdvmes5.1.i586.rpm
http://www.mandriva.com/en/download/

Mandriva mono-extras-1.9.1-5.3mdvmes5.1.i586.rpm
http://www.mandriva.com/en/download/

Mandriva mono-ibm-data-db2-1.9.1-5.3mdvmes5.1.i586.rpm
http://www.mandriva.com/en/download/

Mandriva mono-jscript-1.9.1-5.3mdvmes5.1.i586.rpm
http://www.mandriva.com/en/download/

Mandriva mono-locale-extras-1.9.1-5.3mdvmes5.1.i586.rpm
http://www.mandriva.com/en/download/

Mandriva mono-nunit-1.9.1-5.3mdvmes5.1.i586.rpm
http://www.mandriva.com/en/download/

Mandriva mono-web-1.9.1-5.3mdvmes5.1.i586.rpm
http://www.mandriva.com/en/download/

Mandriva mono-winforms-1.9.1-5.3mdvmes5.1.i586.rpm
http://www.mandriva.com/en/download/

Mandriva Linux Mandrake 2010.1 x86_64

Mandriva jay-2.6.4-4.1mdv2010.1.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva lib64mono-devel-2.6.4-4.1mdv2010.1.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva lib64mono0-2.6.4-4.1mdv2010.1.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva mono-2.6.4-4.1mdv2010.1.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva mono-bytefx-data-mysql-2.6.4-4.1mdv2010.1.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva mono-data-2.6.4-4.1mdv2010.1.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva mono-data-firebird-2.6.4-4.1mdv2010.1.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva mono-data-oracle-2.6.4-4.1mdv2010.1.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva mono-data-postgresql-2.6.4-4.1mdv2010.1.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva mono-data-sqlite-2.6.4-4.1mdv2010.1.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva mono-data-sybase-2.6.4-4.1mdv2010.1.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva mono-doc-2.6.4-4.1mdv2010.1.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva mono-extras-2.6.4-4.1mdv2010.1.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva mono-ibm-data-db2-2.6.4-4.1mdv2010.1.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva mono-jscript-2.6.4-4.1mdv2010.1.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva mono-locale-extras-2.6.4-4.1mdv2010.1.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva mono-nunit-2.6.4-4.1mdv2010.1.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva mono-wcf-2.6.4-4.1mdv2010.1.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva mono-web-2.6.4-4.1mdv2010.1.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva mono-winforms-2.6.4-4.1mdv2010.1.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva mono-winfxcore-2.6.4-4.1mdv2010.1.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva monodoc-core-2.6.4-4.1mdv2010.1.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva Linux Mandrake 2010.1

Mandriva jay-2.6.4-4.1mdv2010.1.i586.rpm
http://www.mandriva.com/en/download/

Mandriva libmono-devel-2.6.4-4.1mdv2010.1.i586.rpm
http://www.mandriva.com/en/download/

Mandriva libmono0-2.6.4-4.1mdv2010.1.i586.rpm
http://www.mandriva.com/en/download/

Mandriva mono-2.6.4-4.1mdv2010.1.i586.rpm
http://www.mandriva.com/en/download/

Mandriva mono-bytefx-data-mysql-2.6.4-4.1mdv2010.1.i586.rpm
http://www.mandriva.com/en/download/

Mandriva mono-data-2.6.4-4.1mdv2010.1.i586.rpm
http://www.mandriva.com/en/download/

Mandriva mono-data-firebird-2.6.4-4.1mdv2010.1.i586.rpm
http://www.mandriva.com/en/download/

Mandriva mono-data-oracle-2.6.4-4.1mdv2010.1.i586.rpm
http://www.mandriva.com/en/download/

Mandriva mono-data-postgresql-2.6.4-4.1mdv2010.1.i586.rpm
http://www.mandriva.com/en/download/

Mandriva mono-data-sqlite-2.6.4-4.1mdv2010.1.i586.rpm
http://www.mandriva.com/en/download/

Mandriva mono-data-sybase-2.6.4-4.1mdv2010.1.i586.rpm
http://www.mandriva.com/en/download/

Mandriva mono-doc-2.6.4-4.1mdv2010.1.i586.rpm
http://www.mandriva.com/en/download/

Mandriva mono-extras-2.6.4-4.1mdv2010.1.i586.rpm
http://www.mandriva.com/en/download/

Mandriva mono-ibm-data-db2-2.6.4-4.1mdv2010.1.i586.rpm
http://www.mandriva.com/en/download/

Mandriva mono-jscript-2.6.4-4.1mdv2010.1.i586.rpm
http://www.mandriva.com/en/download/

Mandriva mono-locale-extras-2.6.4-4.1mdv2010.1.i586.rpm
http://www.mandriva.com/en/download/

Mandriva mono-nunit-2.6.4-4.1mdv2010.1.i586.rpm
http://www.mandriva.com/en/download/

Mandriva mono-wcf-2.6.4-4.1mdv2010.1.i586.rpm
http://www.mandriva.com/en/download/

Mandriva mono-web-2.6.4-4.1mdv2010.1.i586.rpm
http://www.mandriva.com/en/download/

Mandriva mono-winforms-2.6.4-4.1mdv2010.1.i586.rpm
http://www.mandriva.com/en/download/

Mandriva mono-winfxcore-2.6.4-4.1mdv2010.1.i586.rpm
http://www.mandriva.com/en/download/

Mandriva monodoc-core-2.6.4-4.1mdv2010.1.i586.rpm
http://www.mandriva.com/en/download/

Mandriva Linux Mandrake 2009.0

Mandriva jay-1.9.1-5.3mdv2009.0.i586.rpm
http://www.mandriva.com/en/download/

Mandriva libmono-devel-1.9.1-5.3mdv2009.0.i586.rpm
http://www.mandriva.com/en/download/

Mandriva libmono0-1.9.1-5.3mdv2009.0.i586.rpm
http://www.mandriva.com/en/download/

Mandriva mono-1.9.1-5.3mdv2009.0.i586.rpm
http://www.mandriva.com/en/download/

Mandriva mono-bytefx-data-mysql-1.9.1-5.3mdv2009.0.i586.rpm
http://www.mandriva.com/en/download/

Mandriva mono-data-1.9.1-5.3mdv2009.0.i586.rpm
http://www.mandriva.com/en/download/

Mandriva mono-data-firebird-1.9.1-5.3mdv2009.0.i586.rpm
http://www.mandriva.com/en/download/

Mandriva mono-data-oracle-1.9.1-5.3mdv2009.0.i586.rpm
http://www.mandriva.com/en/download/

Mandriva mono-data-postgresql-1.9.1-5.3mdv2009.0.i586.rpm
http://www.mandriva.com/en/download/

Mandriva mono-data-sqlite-1.9.1-5.3mdv2009.0.i586.rpm
http://www.mandriva.com/en/download/

Mandriva mono-data-sybase-1.9.1-5.3mdv2009.0.i586.rpm
http://www.mandriva.com/en/download/

Mandriva mono-doc-1.9.1-5.3mdv2009.0.i586.rpm
http://www.mandriva.com/en/download/

Mandriva mono-extras-1.9.1-5.3mdv2009.0.i586.rpm
http://www.mandriva.com/en/download/

Mandriva mono-ibm-data-db2-1.9.1-5.3mdv2009.0.i586.rpm
http://www.mandriva.com/en/download/

Mandriva mono-jscript-1.9.1-5.3mdv2009.0.i586.rpm
http://www.mandriva.com/en/download/

Mandriva mono-locale-extras-1.9.1-5.3mdv2009.0.i586.rpm
http://www.mandriva.com/en/download/

Mandriva mono-nunit-1.9.1-5.3mdv2009.0.i586.rpm
http://www.mandriva.com/en/download/

Mandriva mono-web-1.9.1-5.3mdv2009.0.i586.rpm
http://www.mandriva.com/en/download/

Mandriva mono-winforms-1.9.1-5.3mdv2009.0.i586.rpm
http://www.mandriva.com/en/download/

Mandriva Linux Mandrake 2010.0

Mandriva jay-2.4.2.3-2.2mdv2010.0.i586.rpm
http://www.mandriva.com/en/download/

Mandriva libmono-devel-2.4.2.3-2.2mdv2010.0.i586.rpm
http://www.mandriva.com/en/download/

Mandriva libmono0-2.4.2.3-2.2mdv2010.0.i586.rpm
http://www.mandriva.com/en/download/

Mandriva mono-2.4.2.3-2.2mdv2010.0.i586.rpm
http://www.mandriva.com/en/download/

Mandriva mono-bytefx-data-mysql-2.4.2.3-2.2mdv2010.0.i586.rpm
http://www.mandriva.com/en/download/

Mandriva mono-data-2.4.2.3-2.2mdv2010.0.i586.rpm
http://www.mandriva.com/en/download/

Mandriva mono-data-firebird-2.4.2.3-2.2mdv2010.0.i586.rpm
http://www.mandriva.com/en/download/

Mandriva mono-data-oracle-2.4.2.3-2.2mdv2010.0.i586.rpm
http://www.mandriva.com/en/download/

Mandriva mono-data-postgresql-2.4.2.3-2.2mdv2010.0.i586.rpm
http://www.mandriva.com/en/download/

Mandriva mono-data-sqlite-2.4.2.3-2.2mdv2010.0.i586.rpm
http://www.mandriva.com/en/download/

Mandriva mono-data-sybase-2.4.2.3-2.2mdv2010.0.i586.rpm
http://www.mandriva.com/en/download/

Mandriva mono-doc-2.4.2.3-2.2mdv2010.0.i586.rpm
http://www.mandriva.com/en/download/

Mandriva mono-extras-2.4.2.3-2.2mdv2010.0.i586.rpm
http://www.mandriva.com/en/download/

Mandriva mono-ibm-data-db2-2.4.2.3-2.2mdv2010.0.i586.rpm
http://www.mandriva.com/en/download/

Mandriva mono-jscript-2.4.2.3-2.2mdv2010.0.i586.rpm
http://www.mandriva.com/en/download/

Mandriva mono-locale-extras-2.4.2.3-2.2mdv2010.0.i586.rpm
http://www.mandriva.com/en/download/

Mandriva mono-nunit-2.4.2.3-2.2mdv2010.0.i586.rpm
http://www.mandriva.com/en/download/

Mandriva mono-wcf-2.4.2.3-2.2mdv2010.0.i586.rpm
http://www.mandriva.com/en/download/

Mandriva mono-web-2.4.2.3-2.2mdv2010.0.i586.rpm
http://www.mandriva.com/en/download/

Mandriva mono-winforms-2.4.2.3-2.2mdv2010.0.i586.rpm
http://www.mandriva.com/en/download/

Mandriva monodoc-core-2.4.2.3-2.2mdv2010.0.i586.rpm
http://www.mandriva.com/en/download/

MandrakeSoft Enterprise Server 5 x86_64

Mandriva jay-1.9.1-5.3mdvmes5.1.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva lib64mono-devel-1.9.1-5.3mdvmes5.1.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva lib64mono0-1.9.1-5.3mdvmes5.1.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva mono-1.9.1-5.3mdvmes5.1.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva mono-bytefx-data-mysql-1.9.1-5.3mdvmes5.1.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva mono-data-1.9.1-5.3mdvmes5.1.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva mono-data-firebird-1.9.1-5.3mdvmes5.1.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva mono-data-oracle-1.9.1-5.3mdvmes5.1.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva mono-data-postgresql-1.9.1-5.3mdvmes5.1.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva mono-data-sqlite-1.9.1-5.3mdvmes5.1.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva mono-data-sybase-1.9.1-5.3mdvmes5.1.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva mono-doc-1.9.1-5.3mdvmes5.1.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva mono-extras-1.9.1-5.3mdvmes5.1.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva mono-ibm-data-db2-1.9.1-5.3mdvmes5.1.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva mono-jscript-1.9.1-5.3mdvmes5.1.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva mono-locale-extras-1.9.1-5.3mdvmes5.1.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva mono-nunit-1.9.1-5.3mdvmes5.1.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva mono-web-1.9.1-5.3mdvmes5.1.x86_64.rpm
http://www.mandriva.com/en/download/

Mandriva mono-winforms-1.9.1-5.3mdvmes5.1.x86_64.rpm
http://www.mandriva.com/en/download/

Security References(s)

References:

Bug 641915 - Security hole: Mono should not search current directory for DLLs (Novell)
Mono Home Page (Mono)
Mono loading shared libs from cwd (Richard Brooksby)
Search for dllimported shared libs in the base directory, not cwd. (Mono)

Emagined Security Blog featuring Dr. Eugene Schultz

Secure Web Programming
by Vizual Services