Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2001-0169 — Turbolinux vulnerability

6 documents6 sources

Severity

2.1LOWNVD

EPSS

0.1%

top 65.55%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Turbolinux Mandrakesoft Mandrake Linux Mandrakesoft Mandrake Linux Corporate Server +2 more

Timeline

PublishedMar 26

Latest updateApr 30

Description

When using the LD_PRELOAD environmental variable in SUID or SGID applications, glibc does not verify that preloaded libraries in /etc/ld.so.cache are also SUID/SGID, which could allow a local user to overwrite arbitrary files by loading a library from /lib or /usr/lib.

CVSS vector

AV:L/AC:L/C:N/I:P/A:NExploitability: 3.9 | Impact: 2.9

Affected Packages5 packages

▶NVDturbolinux/turbolinux6.0.5+1

▶NVDredhat/linux6.0, 6.1, 6.2+2

▶NVDtrustix/secure_linux1.1, 1.2+1

▶NVDmandrakesoft/mandrake_linux5 versions+4

▶NVDmandrakesoft/mandrake_linux_corporate_server1.0.1

Patches

Patch: www.linux-mandrake.com ↗Patch: www.redhat.com ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-r94v-226p-r77g: When using the LD_PRELOAD environmental variable in SUID or SGID applications, glibc does not verify that preloaded libraries in /etc/ld↗2022-04-30

▶

CVEList

CVE-2001-0169: When using the LD_PRELOAD environmental variable in SUID or SGID applications, glibc does not verify that preloaded libraries in /etc/ld↗2001-05-07

▶

💥Exploits & PoCs

Exploit-DB

GLIBC 2.1.3 - 'LD_PRELOAD' Local Privilege Escalation↗2001-03-04

▶

📋Vendor Advisories

Red Hat

security flaw↗2001-01-16

▶

💬Community

Bugzilla

CVE-2001-0169 security flaw↗2018-08-16

▶