Описание
The unsetenv function in glibc 2.1.1 does not properly unset an environmental variable if the variable is provided twice to a program, which could allow local users to execute arbitrary commands in setuid programs by specifying their own duplicate environmental variables such as LD_PRELOAD or LD_LIBRARY_PATH.
Отчет
This issue was fixed in the following products:
- Red Hat Linux 5.0 - RHSA-2000:057 (2000-09-01)
- Red Hat Linux 5.1 - RHSA-2000:057 (2000-09-01)
- Red Hat Linux 5.2 - RHSA-2000:057 (2000-09-01)
- Red Hat Linux 6.0 - RHSA-2000:057 (2000-09-01)
- Red Hat Linux 6.1 - RHSA-2000:057 (2000-09-01)
- Red Hat Linux 6.2 - RHSA-2000:057 (2000-09-01)
Ссылки на источники
Дополнительная информация
Связанные уязвимости
The unsetenv function in glibc 2.1.1 does not properly unset an environmental variable if the variable is provided twice to a program, which could allow local users to execute arbitrary commands in setuid programs by specifying their own duplicate environmental variables such as LD_PRELOAD or LD_LIBRARY_PATH.
The unsetenv function in glibc 2.1.1 does not properly unset an environmental variable if the variable is provided twice to a program, which could allow local users to execute arbitrary commands in setuid programs by specifying their own duplicate environmental variables such as LD_PRELOAD or LD_LIBRARY_PATH.