FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

libtool -- Library Search Path Privilege Escalation Issue

Affected packages
libtool < 2.2.6b

Details

VuXML ID 77c14729-dc5e-11de-92ae-02e0184b8d35
Discovery 2009-11-25
Entry 2009-11-28
Modified 2010-05-02

Secunia.com

Do not attempt to load an unqualified module.la file from the current directory (by default) since doing so is insecure and is not compliant with the documentation.

References

CVE Name CVE-2009-3736
URL http://lists.gnu.org/archive/html/libtool/2009-11/msg00059.html
URL http://secunia.com/advisories/37414/