CVE-2001-0170

glibc <2.1.9x - Info Disclosure

Title source: llm

Description

glibc 2.1.9x and earlier does not properly clear the RESOLV_HOST_CONF, HOSTALIASES, or RES_OPTIONS environmental variables when executing setuid/setgid programs, which could allow local users to read arbitrary files.

Exploits (2)

exploitdb WORKING POC VERIFIED
by krochos · bashlocallinux
https://www.exploit-db.com/exploits/258
exploitdb WORKING POC VERIFIED
by Jared Mauch · textlocallinux
https://www.exploit-db.com/exploits/317

References (5)

Scores

EPSS 0.0064
EPSS Percentile 70.6%

Details

Status published
Products (12)
conectiva/linux 4.0
conectiva/linux 4.0es
conectiva/linux 4.1
conectiva/linux 4.2
conectiva/linux 5.0
conectiva/linux 5.1
conectiva/linux 6.0
conectiva/linux ecommerce
conectiva/linux graficas
debian/debian_linux 2.3
... and 2 more
Published Mar 26, 2001
Tracked Since Feb 18, 2026