Back to search
CVE-2000-0959
Published: Jan 22, 2001
Modified: Aug 8, 2024
PUBLISHED
Description
glibc2 does not properly clear the LD_DEBUG_OUTPUT and LD_DEBUG environmental variables when a program is spawned from a setuid program, which could allow local users to overwrite files via a symlink attack.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
1719
vdb-entry
x_refsource_BID
glibc-unset-symlink(5299)
vdb-entry
x_refsource_XF
20000926 ld.so bug - LD_DEBUG_OUTPUT follows symlinks
mailing-list
x_refsource_BUGTRAQ
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now