2.1

CVE-2001-0170

glibc 2.1.9x and earlier does not properly clear the RESOLV_HOST_CONF, HOSTALIASES, or RES_OPTIONS environmental variables when executing setuid/setgid programs, which could allow local users to read arbitrary files.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
ImmunixImmunix Version7.0_beta
ConectivaLinux Version4.0
ConectivaLinux Version4.0es
ConectivaLinux Version4.1
ConectivaLinux Version4.2
ConectivaLinux Version5.0
ConectivaLinux Version5.1
ConectivaLinux Version6.0
ConectivaLinux Versionecommerce
ConectivaLinux Versiongraficas
DebianDebian Linux Version2.3
RedhatLinux Version7.0 Editionalpha
RedhatLinux Version7.0 Editioni386
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.84% 0.531
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 2.1 3.9 2.9
AV:L/AC:L/Au:N/C:P/I:N/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://archives.neohapsis.com/archives/bugtraq/2001-01/0131.html
Vendor Advisory
http://archives.neohapsis.com/archives/bugtraq/2001-01/0186.html
Patch
Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2001-001.html
Patch
Vendor Advisory
http://www.securityfocus.com/bid/2181
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/5907