Total vulnerabilities in the database
When using the LD_PRELOAD environmental variable in SUID or SGID applications, glibc does not verify that preloaded libraries in /etc/ld.so.cache are also SUID/SGID, which could allow a local user to overwrite arbitrary files by loading a library from /lib or /usr/lib.
| Software | From | Fixed in |
|---|---|---|
| mandrakesoft / mandrake_linux | 7.2 | 7.2.x |
| trustix / secure_linux | 1.1 | 1.1.x |
| redhat / linux | 6.1 | 6.1.x |
| redhat / linux | 6.2 | 6.2.x |
| mandrakesoft / mandrake_linux | 7.0 | 7.0.x |
| redhat / linux | 6.0 | 6.0.x |
| mandrakesoft / mandrake_linux_corporate_server | 1.0.1 | 1.0.1.x |
| turbolinux / turbolinux | - | 6.0.5.x |
| mandrakesoft / mandrake_linux | 7.1 | 7.1.x |
| mandrakesoft / mandrake_linux | 6.0 | 6.0.x |
| turbolinux / turbolinux | 6.1 | 6.1.x |
| trustix / secure_linux | 1.2 | 1.2.x |
| mandrakesoft / mandrake_linux | 6.1 | 6.1.x |