Vulnerabilities > CVE-2000-0959 - Unspecified vulnerability in GNU Glibc 2.1.3.10

CVSS 1.2 - LOW

Attack vector

LOCAL

Attack complexity

HIGH

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

local

high complexity

gnu

NVD

Published: 2000-12-19

Updated: 2017-10-10

Summary

glibc2 does not properly clear the LD_DEBUG_OUTPUT and LD_DEBUG environmental variables when a program is spawned from a setuid program, which could allow local users to overwrite files via a symlink attack.

Vulnerable Configurations

Part	Description	Count
Application	Gnu GNU Glibc 2.1.3.10	1

References

http://www.securityfocus.com/archive/1/85028
http://www.securityfocus.com/bid/1719
https://exchange.xforce.ibmcloud.com/vulnerabilities/5299