CVE-2000-0959

Low

1.2/10

Summary

glibc2 does not properly clear the LD_DEBUG_OUTPUT and LD_DEBUG environmental variables when a program is spawned from a setuid program, which could allow local users to overwrite files via a symlink attack.

Access Complexity: HIGH
AccessVector: LOCAL
Authentication: NONE
Integrity Impact: PARTIAL
Confidentiality Impact: NONE
Availability Impact: NONE

References

Advisory Timeline

Published Dec 19, 2000

CVE-2000-0959

Summary

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS