← Zuruck zu CVEs
CVE-2006-6164
N/ABeschreibung
The _dl_unsetenv function in loader.c in the ELF ld.so in OpenBSD 3.9 and 4.0 does not properly remove duplicate environment variables, which allows local users to pass dangerous variables such as LD_PRELOAD to loading processes, which might be leveraged to gain privileges.
CVE Details
CVSS v3.1 BewertungN/A
Veroffentlicht11/29/2006
Zuletzt geandert4/9/2025
Quellenvd
Honeypot-Sichtungen0
Betroffene Produkte
openbsd:openbsd
Referenzen
http://secunia.com/advisories/22993(cve@mitre.org)
http://securitytracker.com/id?1017253(cve@mitre.org)
http://www.matasano.com/log/592/finger-79tcp-mcdonald-dowd-and-schuh-challenge-part-2/(cve@mitre.org)
http://www.openbsd.org/errata.html#ldso(cve@mitre.org)
http://www.openbsd.org/errata39.html#ldso(cve@mitre.org)
http://www.securityfocus.com/archive/1/452371/100/0/threaded(cve@mitre.org)
http://www.securityfocus.com/archive/1/452428/100/0/threaded(cve@mitre.org)
http://www.securityfocus.com/bid/21188(cve@mitre.org)
https://exchange.xforce.ibmcloud.com/vulnerabilities/30441(cve@mitre.org)
http://secunia.com/advisories/22993(af854a3a-2127-422b-91ae-364da2661108)
http://securitytracker.com/id?1017253(af854a3a-2127-422b-91ae-364da2661108)
http://www.matasano.com/log/592/finger-79tcp-mcdonald-dowd-and-schuh-challenge-part-2/(af854a3a-2127-422b-91ae-364da2661108)
http://www.openbsd.org/errata.html#ldso(af854a3a-2127-422b-91ae-364da2661108)
http://www.openbsd.org/errata39.html#ldso(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/452371/100/0/threaded(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/452428/100/0/threaded(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/21188(af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/30441(af854a3a-2127-422b-91ae-364da2661108)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.