CVE-2014-0475
glibc: directory traversal in LC_* locale handling
- Public Exploits: 0
- Exploited in Wild: -
Descriptions
Multiple directory traversal vulnerabilities in GNU C Library (aka glibc or libc6) before 2.20 allow context-dependent attackers to bypass ForceCommand restrictions and possibly have other unspecified impact via a .. (dot dot) in a (1) LC_*, (2) LANG, or other locale environment variable.
A directory traversal flaw was found in the way glibc loaded locale files. An attacker able to make an application use a specially crafted locale name value (for example, specified in an LC_* environment variable) could possibly use this flaw to execute arbitrary code with the privileges of that application.
USN-2306-1 fixed vulnerabilities in the GNU C Library. On Ubuntu 10.04 LTS, the fix for CVE-2013-4357 introduced a memory leak in getaddrinfo. This update fixes the problem. Maksymilian Arciemowicz discovered that the GNU C Library incorrectly handled the getaddrinfo() function. An attacker could use this issue to cause a denial of service. This issue only affected Ubuntu 10.04 LTS. It was discovered that the GNU C Library incorrectly handled the getaddrinfo() function. An attacker could use this issue to cause a denial of service. This issue only affected Ubuntu 10.04 LTS and Ubuntu 12.04 LTS. Stephane Chazelas discovered that the GNU C Library incorrectly handled locale environment variables. An attacker could use this issue to possibly bypass certain restrictions such as the ForceCommand restrictions in OpenSSH. David Reid, Glyph Lefkowitz, and Alex Gaynor discovered that the GNU C Library incorrectly handled posix_spawn_file_actions_addopen() path arguments. An attacker could use this issue to cause a denial of service. Various other issues were also addressed.
SSVC
- Decision: -
Timeline
- 2013-12-19 CVE Reserved
- 2014-07-11 CVE Published
- 2024-08-06 CVE Updated
- 2025-03-30 EPSS Updated
- Exploited in Wild: -
- KEV Due Date: -
- First Exploit: -
CWE
- CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
References (12)
URL | Tag | Source |
---|---|---|
http://linux.oracle.com/errata/ELSA-2015-0092.html | X_refsource_confirm | |
http://www.openwall.com/lists/oss-security/2014/07/10/7 | Mailing List | |
http://www.openwall.com/lists/oss-security/2014/07/14/6 | Mailing List | |
http://www.securityfocus.com/bid/68505 | Vdb Entry | |
http://www.securitytracker.com/id/1030569 | Vdb Entry | |
https://sourceware.org/bugzilla/show_bug.cgi?id=17137 | X_refsource_confirm | |

URL | Date | SRC |
---|---|---|
http://www.debian.org/security/2014/dsa-2976 | 2016-11-28 | |
http://www.mandriva.com/security/advisories?name=MDVSA-2014:152 | 2016-11-28 | |
https://rhn.redhat.com/errata/RHSA-2014-1110.html | 2016-11-28 | |
https://security.gentoo.org/glsa/201602-02 | 2016-11-28 | |
https://access.redhat.com/security/cve/CVE-2014-0475 | 2014-08-29 | |
https://bugzilla.redhat.com/show_bug.cgi?id=1102353 | 2014-08-29 | |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status |
---|---|---|---|---|
Gnu | Glibc | <= 2.19 | - | Affected |
Gnu | Glibc | 2.0 | - | Affected |
Gnu | Glibc | 2.0.1 | - | Affected |
Gnu | Glibc | 2.0.2 | - | Affected |
Gnu | Glibc | 2.0.3 | - | Affected |
Gnu | Glibc | 2.0.4 | - | Affected |
Gnu | Glibc | 2.0.5 | - | Affected |
Gnu | Glibc | 2.0.6 | - | Affected |
Gnu | Glibc | 2.1 | - | Affected |
Gnu | Glibc | 2.1.1 | - | Affected |
Gnu | Glibc | 2.1.1.6 | - | Affected |
Gnu | Glibc | 2.1.2 | - | Affected |
Gnu | Glibc | 2.1.3 | - | Affected |
Gnu | Glibc | 2.1.9 | - | Affected |
Gnu | Glibc | 2.10.1 | - | Affected |
Gnu | Glibc | 2.11 | - | Affected |
Gnu | Glibc | 2.11.1 | - | Affected |
Gnu | Glibc | 2.11.2 | - | Affected |
Gnu | Glibc | 2.11.3 | - | Affected |
Gnu | Glibc | 2.12 | - | Affected |
Gnu | Glibc | 2.12.1 | - | Affected |
Gnu | Glibc | 2.12.2 | - | Affected |
Gnu | Glibc | 2.13 | - | Affected |
Gnu | Glibc | 2.14 | - | Affected |
Gnu | Glibc | 2.14.1 | - | Affected |
Gnu | Glibc | 2.15 | - | Affected |
Gnu | Glibc | 2.16 | - | Affected |
Gnu | Glibc | 2.17 | - | Affected |
Gnu | Glibc | 2.18 | - | Affected |