CVE-2001-0170

2001-03-26T05:00:00
ID CVE-2001-0170
Type cve
Reporter cve@mitre.org
Modified 2017-10-10T01:29:00

Description

glibc 2.1.9x and earlier does not properly clear the RESOLV_HOST_CONF, HOSTALIASES, or RES_OPTIONS environmental variables when executing setuid/setgid programs, which could allow local users to read arbitrary files.