3 matches found
FreeBSD Security Advisory (FreeBSD-SA-09:16.rtld.asc)
The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-09:16.rtld.asc SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
FreeBSD Security Advisory FreeBSD-SA-09:16.rtld
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-09:16.rtld Security Advisory The FreeBSD Project Topic: Improper environment sanitization in rtld1 Category: core Module: rtld Announced: 2009-12-03 Affects:...
CVE-2009-4146
The CVE-2009-4146 entry concerns FreeBSD's run-time linker (rtld) in libexec/rtld-elf/rtld.c. The underlying issue is that rtld's unsetenv logic does not clear LD_PRELOAD when __findenv() fails, enabling a local user to influence library loading via a modified LD_PRELOAD path and gain privileges ...