Skip to main content

CVE-2004-1453

Severity Low
Score 2.1/10

Summary

GNU glibc 2.3.4 before 2.3.4.20040619, 2.3.3 before 2.3.3.20040420, and 2.3.2 before 2.3.2-r10 does not restrict the use of LD_DEBUG for a setuid program, which allows local users to gain sensitive information, such as the list of symbols used by the program.

  • LOW
  • LOCAL
  • NONE
  • NONE
  • PARTIAL
  • NONE

References

Advisory Timeline

  • Published