Vulnerability Name:

CVE-2001-0169 (CCN-5971)

Assigned: 2001-01-16
Published: 2001-01-16
Updated: 2017-10-10
Summary: When using the LD_PRELOAD environmental variable in SUID or SGID applications, glibc does not verify that preloaded libraries in /etc/ld.so.cache are also SUID/SGID, which could allow a local user to overwrite arbitrary files by loading a library from /lib or /usr/lib.
CVSS v3 Severity: 4.0 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): Low
Availability (A): None
CVSS v2 Severity:2.1 Low (CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:P/A:N)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availability (A): None
2.1 Low (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:P/A:N)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availability (A): None
Vulnerability Type:CWE-Other
Vulnerability Consequences:File Manipulation
References:Source: CCN
Type: Caldera International, Inc. Security Advisory CSSA-2001-007-0
glibc security problems

Source: CCN
Type: BugTraq Mailing List, Sun Jan 21 2001 - 11:05:22 CST
glibc

Source: CCN
Type: Conectiva Linux Announcement CLSA-2001:379
glibc

Source: TURBO
Type: UNKNOWN
TLSA2000021-2

Source: MITRE
Type: CNA
CVE-2001-0169

Source: CCN
Type: Immunix OS Security Advisory IMNX-2001-62-001-01
glibc

Source: CCN
Type: TurboLinux Security Announcement TLSA2000021-2
[TL-Security-Announce] glibc-2.1.3-27 TLSA2000021-2

Source: CCN
Type: RHSA-2001-002
glibc local write access vulnerability

Source: CALDERA
Type: UNKNOWN
CSSA-2001-007

Source: DEBIAN
Type: UNKNOWN
DSA-039

Source: DEBIAN
Type: DSA-039
glibc -- local file overwrite

Source: CCN
Type: US-CERT VU#386504
glibc does not check SUID bit on libraries in /etc/ld.so.cache

Source: MANDRAKE
Type: Patch, Vendor Advisory
MDKSA-2001:012

Source: CCN
Type: EnGarde Secure Linux Security Advisory ESA-20010508-01
glibc local vulnerability

Source: SUSE
Type: UNKNOWN
SuSE-SA:2001:01

Source: CCN
Type: OSVDB ID: 1731
GNU C Library (glibc) LD_PRELOAD Arbitrary File Overwrite

Source: REDHAT
Type: Patch, Vendor Advisory
RHSA-2001:002

Source: BUGTRAQ
Type: Patch
20010121 Trustix Security Advisory - glibc

Source: BID
Type: Patch, Vendor Advisory
2223

Source: CCN
Type: BID-2223
glibc LD_PRELOAD File Overwriting Vulnerability

Source: CCN
Type: SuSE Security Announcement SuSE-SA:2001:001
glibc/shlibs, in.ftpd

Source: CCN
Type: MandrakeSoft Security Advisory MDKSA-2001:012
glibc

Source: XF
Type: UNKNOWN
linux-glibc-preload-overwrite(5971)

Vulnerable Configuration: Configuration 1:
  • cpe:/o:mandrakesoft:mandrake_linux:6.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:6.1:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:7.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:1.0.1:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:6.0:*:alpha:*:*:*:*:*
  • OR cpe:/o:redhat:linux:6.0:*:i386:*:*:*:*:*
  • OR cpe:/o:redhat:linux:6.0:*:sparc:*:*:*:*:*
  • OR cpe:/o:redhat:linux:6.1:*:alpha:*:*:*:*:*
  • OR cpe:/o:redhat:linux:6.1:*:i386:*:*:*:*:*
  • OR cpe:/o:redhat:linux:6.1:*:sparc:*:*:*:*:*
  • OR cpe:/o:redhat:linux:6.2:*:alpha:*:*:*:*:*
  • OR cpe:/o:redhat:linux:6.2:*:i386:*:*:*:*:*
  • OR cpe:/o:redhat:linux:6.2:*:sparc:*:*:*:*:*
  • OR cpe:/o:trustix:secure_linux:1.1:*:*:*:*:*:*:*
  • OR cpe:/o:trustix:secure_linux:1.2:*:*:*:*:*:*:*
  • OR cpe:/o:turbolinux:turbolinux:*:*:*:*:*:*:*:* (Version <= 6.0.5)
  • OR cpe:/o:turbolinux:turbolinux:6.1:*:*:*:*:*:*:*

Configuration CCN 1:
  • cpe:/o:linux:linux_kernel:*:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:6.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:6.1:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:6.2:*:*:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:2.2:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:7.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:6.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:6.1:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*
  • OR cpe:/o:conectiva:linux:6.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:1.0.1:*:*:*:*:*:*:*
  • OR cpe:/o:engardelinux:secure_community:1.0.1:*:*:*:*:*:*:*
  • OR cpe:/o:conectiva:linux:4.0:*:*:*:*:*:*:*
  • OR cpe:/o:conectiva:linux:4.0es:*:*:*:*:*:*:*
  • OR cpe:/o:conectiva:linux:4.1:*:*:*:*:*:*:*
  • OR cpe:/o:conectiva:linux:4.2:*:*:*:*:*:*:*
  • OR cpe:/o:conectiva:linux:5.0:*:*:*:*:*:*:*
  • OR cpe:/o:conectiva:linux:prg_graficos:*:*:*:*:*:*:*
  • OR cpe:/o:conectiva:linux:ecommerce:*:*:*:*:*:*:*
  • OR cpe:/o:conectiva:linux:5.1:*:*:*:*:*:*:*
  • OR cpe:/o:turbolinux:turbolinux:6.0.5:*:*:*:*:*:*:*
  • AND
  • cpe:/o:redhat:linux:7:*:*:*:*:*:*:*

  • * Denotes that component is vulnerable
    mandrakesoft mandrake linux 6.0
    mandrakesoft mandrake linux 6.1
    mandrakesoft mandrake linux 7.0
    mandrakesoft mandrake linux 7.1
    mandrakesoft mandrake linux 7.2
    mandrakesoft mandrake linux corporate server 1.0.1
    redhat linux 6.0
    redhat linux 6.0
    redhat linux 6.0
    redhat linux 6.1
    redhat linux 6.1
    redhat linux 6.1
    redhat linux 6.2
    redhat linux 6.2
    redhat linux 6.2
    trustix secure linux 1.1
    trustix secure linux 1.2
    turbolinux turbolinux *
    turbolinux turbolinux 6.1
    linux linux kernel *
    redhat linux 6.0
    redhat linux 6.1
    redhat linux 6.2
    debian debian linux 2.2
    mandrakesoft mandrake linux 7.0
    mandrakesoft mandrake linux 7.1
    mandrakesoft mandrake linux 6.0
    mandrakesoft mandrake linux 6.1
    mandrakesoft mandrake linux 7.2
    conectiva linux 6.0
    mandrakesoft mandrake linux corporate server 1.0.1
    engardelinux secure community 1.0.1
    conectiva linux 4.0
    conectiva linux 4.0es
    conectiva linux 4.1
    conectiva linux 4.2
    conectiva linux 5.0
    conectiva linux prg_graficos
    conectiva linux ecommerce
    conectiva linux 5.1
    turbolinux turbolinux 6.0.5
    redhat linux 7