CVE-2001-0170
published 2001-03-26CVE-2001-0170: glibc 2.1.9x and earlier does not properly clear the RESOLV_HOST_CONF, HOSTALIASES, or RES_OPTIONS environmental variables when executing setuid/setgid…
low2.1CVSS 3.1
AVLACLAuNCPINAN
EXPLOIT
glibc 2.1.9x and earlier does not properly clear the RESOLV_HOST_CONF, HOSTALIASES, or RES_OPTIONS environmental variables when executing setuid/setgid programs, which could allow local users to read arbitrary files.
Affected
12 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| conectiva | linux | — | — |
| conectiva | linux | — | — |
| conectiva | linux | — | — |
| conectiva | linux | — | — |
| conectiva | linux | — | — |
| conectiva | linux | — | — |
| conectiva | linux | — | — |
| conectiva | linux | — | — |
| conectiva | linux | — | — |
| debian | debian_linux | — | — |
| immunix | immunix | — | — |
| redhat | linux | — | — |