Total vulnerabilities in the database
GNU glibc 2.3.4 before 2.3.4.20040619, 2.3.3 before 2.3.3.20040420, and 2.3.2 before 2.3.2-r10 does not restrict the use of LD_DEBUG for a setuid program, which allows local users to gain sensitive information, such as the list of symbols used by the program.
| Software | From | Fixed in |
|---|---|---|
| gnu / glibc | 2.2.2 | 2.2.2.x |
| gnu / glibc | 2.1.2 | 2.1.2.x |
| gnu / glibc | 2.0.5 | 2.0.5.x |
| gnu / glibc | 2.2.5 | 2.2.5.x |
| gnu / glibc | 2.0.6 | 2.0.6.x |
| gnu / glibc | 2.1.1 | 2.1.1.x |
| gnu / glibc | 2.0.3 | 2.0.3.x |
| gnu / glibc | 2.3.1 | 2.3.1.x |
| gnu / glibc | 2.3 | 2.3.x |
| gnu / glibc | 2.0 | 2.0.x |
| gnu / glibc | 2.1.1.6 | 2.1.1.6.x |
| gnu / glibc | 2.1 | 2.1.x |
| gnu / glibc | 2.3.4 | 2.3.4.x |
| gnu / glibc | 2.1.9 | 2.1.9.x |
| gnu / glibc | 2.3.3 | 2.3.3.x |
| gnu / glibc | 2.0.1 | 2.0.1.x |
| gnu / glibc | 2.0.4 | 2.0.4.x |
| gnu / glibc | 2.0.2 | 2.0.2.x |
| gnu / glibc | 2.2.1 | 2.2.1.x |
| gnu / glibc | 2.3.2 | 2.3.2.x |
| gnu / glibc | 2.1.3.10 | 2.1.3.10.x |
| gnu / glibc | 2.2.3 | 2.2.3.x |
| gnu / glibc | 2.2.4 | 2.2.4.x |
| gnu / glibc | 2.1.3 | 2.1.3.x |
| gnu / glibc | 2.2 | 2.2.x |