CVE-2000-0824
glibc 2.1.1 - Local Command Execution via Duplicate Environmental Variables
Exploitation Summary
EIP tracks 1 public exploit for CVE-2000-0824. PoCs published by Tymm Twillman.
AI-analyzed exploit summary: The writeup describes a format string vulnerability in ProFTPD due to improper handling of user input in the 'set_proc_title' function, allowing remote attackers to execute arbitrary code or escalate privileges by exploiting the snprintf function with crafted format specifiers.
Description
The unsetenv function in glibc 2.1.1 does not properly unset an environmental variable if the variable is provided twice to a program, which could allow local users to execute arbitrary commands in setuid programs by specifying their own duplicate environmental variables such as LD_PRELOAD or LD_LIBRARY_PATH.
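The failure mode in the description above, as an added example that is neither glibc's source nor the published PoC: a removal routine that stops at the first match, modelled on the described behaviour, beside one that drops every copy. All function names and the sample environment are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* True when entry is "NAME=value" for exactly this name (not a longer name). */
static int is_var(const char *entry, const char *name) {
    size_t n = strlen(name);
    return strncmp(entry, name, n) == 0 && entry[n] == '=';
}

int count_var(char **env, const char *name) {
    int c = 0;
    for (; *env; env++) c += is_var(*env, name);
    return c;
}

/* Model of the flaw as described: drop the first match, then stop. */
int unset_first_only(char **env, const char *name) {
    for (char **ep = env; *ep; ep++)
        if (is_var(*ep, name)) {
            for (char **dp = ep; (dp[0] = dp[1]) != NULL; dp++) {}
            return 1;
        }
    return 0;
}

/* Hardened: compact the array in one pass, dropping every match. */
int unset_all(char **env, const char *name) {
    int removed = 0;
    char **out = env;
    for (char **ep = env; *ep; ep++) {
        if (is_var(*ep, name)) removed++;
        else *out++ = *ep;
    }
    *out = NULL;
    return removed;
}

/* Constructed sample environment with a duplicated LD_PRELOAD entry. */
int leftover_after(int (*unset)(char **, const char *)) {
    char *env[] = { "PATH=/usr/bin", "LD_PRELOAD=first", "LD_PRELOAD_X=keep",
                    "LD_PRELOAD=second", NULL };
    unset(env, "LD_PRELOAD");
    return count_var(env, "LD_PRELOAD");
}

int main(void) {
    printf("first-match-only leaves %d copies\n", leftover_after(unset_first_only));
    printf("remove-all leaves %d copies\n", leftover_after(unset_all));
    return 0;
}
```

A privileged program that filters its environment needs the second behaviour, or should build a fresh environment from an allowlist instead of removing names from the inherited one.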