Published: 31/12/2004 Updated: 11/10/2017

CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9

VMScore: 187

Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N

GNU glibc 2.3.4 prior to 2.3.4.20040619, 2.3.3 prior to 2.3.3.20040420, and 2.3.2 prior to 2.3.2-r10 does not restrict the use of LD_DEBUG for a setuid program, which allows local users to gain sensitive information, such as the list of symbols used by the program.

Vulnerable Product	Search on Vulmon	Subscribe to Product
gnu glibc 2.0.1
gnu glibc 2.0.2
gnu glibc 2.1.1.6
gnu glibc 2.1.2
gnu glibc 2.2.4
gnu glibc 2.2.5
gnu glibc 2.0.3
gnu glibc 2.0.4
gnu glibc 2.1.3
gnu glibc 2.1.3.10
gnu glibc 2.3
gnu glibc 2.3.1
gnu glibc 2.0.5
gnu glibc 2.0.6
gnu glibc 2.1.9
gnu glibc 2.2
gnu glibc 2.2.1
gnu glibc 2.3.2
gnu glibc 2.3.3
gnu glibc 2.0
gnu glibc 2.1
gnu glibc 2.1.1
gnu glibc 2.2.2
gnu glibc 2.2.3
gnu glibc 2.3.4

Synopsis glibc security update Type/Severity Security Advisory: Low Topic Updated glibc packages that address several bugs are now availableThis update has been rated as having low security impact by the Red HatSecurity Response Team Description The GNU libc packages (known as glibc) cont ...

NVD-CWE-Other http://www.gentoo.org/security/en/glsa/glsa-200408-16.xml http://bugs.gentoo.org/show_bug.cgi?id=59526 http://www.redhat.com/support/errata/RHSA-2005-261.html http://www.securityfocus.com/bid/10963 http://secunia.com/advisories/12306 http://www.redhat.com/support/errata/RHSA-2005-256.html https://exchange.xforce.ibmcloud.com/vulnerabilities/17006 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10762 https://nvd.nist.gov https://access.redhat.com/errata/RHSA-2005:261

CVE-2004-1453

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect