Oval Definition:oval:org.mitre.oval:def:10762
Revision Date:2013-04-29Version:11
Title:GNU glibc 2.3.4 before 2.3.4.20040619, 2.3.3 before 2.3.3.20040420, and 2.3.2 before 2.3.2-r10 does not restrict the use of LD_DEBUG for a setuid program, which allows local users to gain sensitive information, such as the list of symbols used by the program.
Description:GNU glibc 2.3.4 before 2.3.4.20040619, 2.3.3 before 2.3.3.20040420, and 2.3.2 before 2.3.2-r10 does not restrict the use of LD_DEBUG for a setuid program, which allows local users to gain sensitive information, such as the list of symbols used by the program.
Family:unixClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2004-1453
Platform(s):CentOS Linux 3
Red Hat Enterprise Linux 3
Product(s):
Definition Synopsis
  • RHEL3 or CentOS3
  • The operating system installed on the system is Red Hat Enterprise Linux 3
  • OR CentOS Linux 3.x
  • AND Configuration section
  • glibc is earlier than 0:2.3.2-95.33
  • OR glibc-utils is earlier than 0:2.3.2-95.33
  • OR glibc-devel is earlier than 0:2.3.2-95.33
  • OR nptl-devel is earlier than 0:2.3.2-95.33
  • OR nscd is earlier than 0:2.3.2-95.33
  • OR glibc-profile is earlier than 0:2.3.2-95.33
  • OR glibc-common is earlier than 0:2.3.2-95.33
  • OR glibc-headers is earlier than 0:2.3.2-95.33
    • BACK