Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-1999-1182

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-1999-1182
Last Modified 05 Sep 2008 04:18:54
Published 17 Jul 1997 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-1999-1182

Summary

Buffer overflow in run-time linkers (1) ld.so or (2) ld-linux.so for Linux systems allows local users to gain privileges by calling a setuid program with a long program name (argv[0]) and forcing ld.so/ld-linux.so to report an error.

Vulnerable Systems

Operating System

  • Caldera Openlinux Lite 1.1

  • Debian Linux 4.0

  • Lst Power Linux 2.2

  • Redhat Linux 4.0

  • Redhat Linux 4.1

  • Redhat Linux 4.2

  • Suse Linux 5.0

Application

  • Delix Dld 5.2


References

BUGTRAQ - 19970722 ld.so vulnerability

BUGTRAQ - 19970717 KSR[T] Advisory #2: ld.so

BUGTRAQ - 19980204 An old ld-linux.so hole


Last Updated: 27 May 2016 10:35:19