CVE Kennung:	CVE-2009-3736
Beschreibung:	ltdl.c in libltdl in GNU Libtool 1.5.x, and 2.2.6 before 2.2.6b, as used in Ham Radio Control Libraries, Q, and possibly other products, attempts to open a .la file in the current working directory, which allows local users to gain privileges via a Trojan horse file.
Test Kennungen:	1.3.6.1.4.1.25623.1.0.66691   1.3.6.1.4.1.25623.1.0.66914   1.3.6.1.4.1.25623.1.0.66908   1.3.6.1.4.1.25623.1.0.67231   1.3.6.1.4.1.25623.1.0.67104   1.3.6.1.4.1.25623.1.0.66752   1.3.6.1.4.1.25623.1.0.66402   1.3.6.1.4.1.25623.1.0.66470   1.3.6.1.4.1.25623.1.0.66588   1.3.6.1.4.1.25623.1.0.67105   1.3.6.1.4.1.25623.1.0.67097   1.3.6.1.4.1.25623.1.0.67494   1.3.6.1.4.1.25623.1.0.67019   1.3.6.1.4.1.25623.1.0.66589   1.3.6.1.4.1.25623.1.0.66985   1.3.6.1.4.1.25623.1.0.66917   1.3.6.1.4.1.25623.1.0.66528   1.3.6.1.4.1.25623.1.0.67207   1.3.6.1.4.1.25623.1.0.67103   1.3.6.1.4.1.25623.1.0.66572   1.3.6.1.4.1.25623.1.0.67096   1.3.6.1.4.1.25623.1.0.66907   1.3.6.1.4.1.25623.1.0.66984   1.3.6.1.4.1.25623.1.0.66599   1.3.6.1.4.1.25623.1.0.67206   1.3.6.1.4.1.25623.1.0.69080   1.3.6.1.4.1.25623.1.0.122401   1.3.6.1.4.1.25623.1.0.122410   1.3.6.1.4.1.25623.1.0.862868   1.3.6.1.4.1.25623.1.0.880704   1.3.6.1.4.1.25623.1.0.880885   1.3.6.1.4.1.25623.1.0.880596   1.3.6.1.4.1.25623.1.0.862870   1.3.6.1.4.1.25623.1.0.880753
Querverweise:	Common Vulnerability Exposure (CVE) ID: CVE-2009-3736 BugTraq ID: 37128 http://www.securityfocus.com/bid/37128 https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01512.html http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035133.html http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035168.html http://lists.fedoraproject.org/pipermail/package-announce/2011-March/054915.html http://lists.fedoraproject.org/pipermail/package-announce/2011-March/054921.html http://lists.fedoraproject.org/pipermail/package-announce/2011-March/054656.html http://security.gentoo.org/glsa/glsa-201311-10.xml http://www.mandriva.com/security/advisories?name=MDVSA-2009:307 http://www.mandriva.com/security/advisories?name=MDVSA-2010:035 http://www.mandriva.com/security/advisories?name=MDVSA-2010:091 http://www.mandriva.com/security/advisories?name=MDVSA-2010:105 http://lists.gnu.org/archive/html/libtool/2009-11/msg00065.html http://lists.gnu.org/archive/html/libtool/2009-11/msg00059.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11687 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6951 RedHat Security Advisories: RHSA-2010:0039 http://www.redhat.com/support/errata/RHSA-2010-0039.html RedHat Security Advisories: RHSA-2010:0095 https://rhn.redhat.com/errata/RHSA-2010-0095.html http://secunia.com/advisories/37414 http://secunia.com/advisories/37489 http://secunia.com/advisories/37997 http://secunia.com/advisories/38190 http://secunia.com/advisories/38577 http://secunia.com/advisories/38617 http://secunia.com/advisories/38696 http://secunia.com/advisories/38915 http://secunia.com/advisories/39299 http://secunia.com/advisories/39347 http://secunia.com/advisories/43617 http://secunia.com/advisories/55721 SuSE Security Announcement: SUSE-SR:2010:006 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html http://www.vupen.com/english/advisories/2011/0574