6 matches found
📄 telnetd Environment Variable Bypass
It has been discovered that telnetd has further bypass issues relating to environment variables that can achieve remote root. For 27 years, this issue persists. From: Justin Swartz Date: Tue, 24 Feb 2026 03:17:02 +0200 Greetings, I have been reviewing the recent vulnerability report by Ron Ben...
glibc unsetenv fails to properly handle environment variables passed more than once to a program
Overview The glibc implementation of unsetenv fails to properly remove one of two successive occurrences of the same environment variable if the variable is redundently passed to a program. Description The glibc implementation of unsetenv, if called to remove an environment variable that occurs t...
CVE-2000-0824
The CVE-2000-0824 issue involves glibc 2.1.1 unsetenv(): when a variable appears twice in the environment, the value may not be properly removed, enabling a local attacker to influence setuid programs with duplicate variables (e.g., LD_PRELOAD, LD_LIBRARY_PATH) and potentially execute code as roo...
CVE-2000-0824
The unsetenv function in glibc 2.1.1 does not properly unset an environmental variable if the variable is provided twice to a program, which could allow local users to execute arbitrary commands in setuid programs by specifying their own duplicate environmental variables such as LDPRELOAD or...
Security Update: ld.so unsetenv problem
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Caldera Systems, Inc. Security Advisory Subject: ld.so unsetenv problem Advisory number: CSSA-2000-028.0 Issue date: 2000 August, 24 Cross reference: 1. Problem Description A bug has been discovered in ld.so that could allow local users to obtain supe...
unsetenv.txt
o unsetenv off-by-one error: The unsetenv function in glibc 2.1.1 suffers from a problem whereby when running through the environment variables, if the name of the variable being unset is present twice consecutively, the second is not destroyed. unsetenv is sometimes used by programs that depend ...