CVE-2000-0824

Severity

72%

Complexity

39%

Confidentiality

165%

The unsetenv function in glibc 2.1.1 does not properly unset an environmental variable if the variable is provided twice to a program, which could allow local users to execute arbitrary commands in setuid programs by specifying their own duplicate environmental variables such as LD_PRELOAD or LD_LIBRARY_PATH.

The unsetenv function in glibc 2.1.1 does not properly unset an environmental variable if the variable is provided twice to a program, which could allow local users to execute arbitrary commands in setuid programs by specifying their own duplicate environmental variables such as LD_PRELOAD or LD_LIBRARY_PATH.

CVSS 2.0 Base Score 7.2. CVSS Attack Vector: local. CVSS Attack Complexity: low. CVSS Vector: (AV:L/AC:L/Au:N/C:C/I:C/A:C).

Overview

First reported 24 years ago

2000-11-14 05:00:00

Last updated 7 years ago

2017-10-10 01:29:00

Affected Software

GNU glibc 2.1.1

2.1.1

References

20000902 Conectiva Linux Security Announcement - glibc

20000905 Conectiva Linux Security Announcement - glibc

20000906 [slackware-security]: glibc 2.1.3 vulnerabilities patched

19990917 A few bugs...

CSSA-2000-028.0

20000902 glibc: local root exploit

MDKSA-2000:040

MDKSA-2000:045

20000924 glibc locale security problem

RHSA-2000:057

20000831 glibc unsetenv bug

Patch, Vendor Advisory

1639

648

Exploit, Patch, Vendor Advisory

TLSA2000020-1

glibc-ld-unsetenv(5173)

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.