CVE-2000-0824
published 2000-11-14CVE-2000-0824: The unsetenv function in glibc 2.1.1 does not properly unset an environmental variable if the variable is provided twice to a program, which could allow local…
high7.2CVSS 3.1
AVLACLAuNCCICAC
EXPLOIT
The unsetenv function in glibc 2.1.1 does not properly unset an environmental variable if the variable is provided twice to a program, which could allow local users to execute arbitrary commands in setuid programs by specifying their own duplicate environmental variables such as LD_PRELOAD or LD_LIBRARY_PATH.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| gnu | glibc | — | — |