Bugtraq mailing list archives
Re: A few bugs...
From: okir () MONAD SWB DE (Olaf Kirch)
Date: Mon, 20 Sep 1999 11:14:41 +0200
On Fri, Sep 17, 1999 at 02:23:48PM -0500, Tymm Twillman wrote:
> - Glibc 2.1.1:
>   o unsetenv() off-by-one error:
>     The unsetenv function in glibc 2.1.1 suffers from a problem whereby
>     when running through the environment variables, if the name of the
>     variable being unset is present twice consecutively, the second is
>     not destroyed. unsetenv is sometimes used by programs that depend on
>     it clearing out variables for protection against evil environment
>     variables.

In particular, by ld.so. While this hole doesn't affect setuid programs
themselves, it means that programs run by the setuid application can be
fooled into using the LD_* variables.

Olaf
--
Olaf Kirch            |  --- o --- Nous sommes du soleil we love when we play
okir () monad swb de  |    / | \   sol.dhoop.naytheet.ah kin.ir.samse.qurax
okir () caldera de    +-------------------- Why Not?! -----------------------
         UNIX, n.: Spanish manufacturer of fire extinguishers.
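
An added illustration (not part of the original post, and not glibc's source): a removal loop that shows the behaviour described in the quoted report, where the second of two consecutive entries with the same name survives, next to a corrected loop. The function names and the sample environment are constructed for this example.

```c
#include <stdio.h>
#include <string.h>

/* True if entry has the form "name=..." */
static int matches(const char *entry, const char *name, size_t len) {
    return strncmp(entry, name, len) == 0 && entry[len] == '=';
}

/* Remove *ep by moving every later pointer (and the NULL) down one slot. */
static void drop(char **ep) {
    do ep[0] = ep[1]; while (*ep++ != NULL);
}

/* Pattern that shows the reported behaviour: after drop(), the following
 * entry sits at *ep, but the loop's ++ep steps over it unexamined. */
void unset_skipping(char **env, const char *name) {
    size_t len = strlen(name);
    for (char **ep = env; *ep != NULL; ++ep)
        if (matches(*ep, name, len))
            drop(ep);
}

/* Corrected pattern: advance only when nothing was removed. */
void unset_all(char **env, const char *name) {
    size_t len = strlen(name);
    char **ep = env;
    while (*ep != NULL) {
        if (matches(*ep, name, len)) drop(ep);
        else ++ep;
    }
}

/* Count entries named `name` left after scrubbing a constructed environment. */
int survivors(void (*scrub)(char **, const char *), const char *name) {
    char *env[] = { "PATH=/bin", "LD_PRELOAD=first", "LD_PRELOAD=second",
                    "HOME=/root", NULL };   /* constructed sample */
    size_t len = strlen(name);
    int n = 0;
    scrub(env, name);
    for (char **ep = env; *ep != NULL; ++ep)
        n += matches(*ep, name, len);
    return n;
}

int main(void) {
    printf("skipping loop: %d left, corrected loop: %d left\n",
           survivors(unset_skipping, "LD_PRELOAD"), survivors(unset_all, "LD_PRELOAD"));
    return 0;
}
```

A program that scrubs its environment before running a child can apply the same check as `survivors()` after the scrub, confirming that no entry with the unwanted name remains instead of trusting a single removal pass.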