CVE-1999-1182

Buffer overflow in run-time linkers (1) ld.so or (2) ld-linux.so for Linux systems allows local users to gain privileges by calling a setuid program with a long program name (argv[0]) and forcing ld.so/ld-linux.so to report an error.

Published: Jul 17, 1997
Updated: Apr 13, 2023
CVE: CVE-1999-1182
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.2
AV:L/AC:L/Au:N/C:C/I:C/A:C

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
delix / dld	5.2	5.2.x
lst / lst_power_linux	2.2	2.2.x
debian / debian_linux	4.0	4.0.x
suse / suse_linux	5.0	5.0.x
redhat / linux	4.1	4.1.x
caldera / openlinux_lite	1.1	1.1.x
redhat / linux	4.0	4.0.x
redhat / linux	4.2	4.2.x

http://marc.info/?l=bugtraq&m=87602661419318&w=2
http://marc.info/?l=bugtraq&m=87602661419351&w=2
http://marc.info/?l=bugtraq&m=88661732807795&w=2

Vulnerability Database

289,599

CVE-1999-1182