Back to search
CVE-2006-6165
Published: Nov 29, 2006
Modified: Jan 17, 2025
PUBLISHED
Description
ld.so in FreeBSD, NetBSD, and possibly other BSD distributions does not remove certain harmful environment variables, which allows local users to gain privileges by passing certain environment variables to loading processes. NOTE: this issue has been disputed by a third party, stating that it is the responsibility of the application to properly sanitize the environment
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
20061123 Re: Lack of environment sanitization in the FreeBSD, OpenBSD, NetBSD dynamic loaders.
mailing-list
x_refsource_BUGTRAQ
20061122 Lack of environment sanitization in the FreeBSD, OpenBSD, NetBSD dynamic loaders.
mailing-list
x_refsource_BUGTRAQ
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now