Arbitrary Command Execution via Duplicate Environmental Variables in glibc 2.1.1

Arbitrary Command Execution via Duplicate Environmental Variables in glibc 2.1.1

CVE-2000-0824 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

The unsetenv function in glibc 2.1.1 does not properly unset an environmental variable if the variable is provided twice to a program, which could allow local users to execute arbitrary commands in setuid programs by specifying their own duplicate environmental variables such as LD_PRELOAD or LD_LIBRARY_PATH.

Learn more about our User Device Pen Test.