Debian: Critical Advisory - glibc Local Exploit Severity: Critical
debian
September 2, 2000
Recently two problems have been found in the glibc suite, which could beused to trick setuid applications to run arbitrary code.
Summary
The first problem is the way ld.so handles environment variables: in
order to provide a safe environment for setuid applications it removes
certain the environment variables that can influence application
execution such as LD_PRELOAD and LD_LIBRARY_PATH. Unfortunately there
was a bug that could cause ld.so to not remove them under some
conditions. This would affect setuid applications if they execute
another binary without dropping privileges or cleaning up the
environment themselves.
The second problem is the locale handling in glibc. glibc checks for
characters like `/' in the LANG and LC_* environment variables to see if
someone is trying to trick a program into reading arbitrary files.
Unfortunately there were some logic errors in those checks which could
be used to make a setuid application use arbitrary files for localization
settings, which can be exploited to trick it into executing arbitrary
code.
These problems have been fixed in version 2.1.3-13, and we recommend
that ...
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!