glibc unsetenv fails to properly handle environment variables passed more than once to a program

Overview The glibc implementation of unsetenv fails to properly remove one of two successive occurrences of the same environment variable if the variable is redundently passed to a program. Description The glibc implementation of unsetenv, if called to remove an environment variable that occurs t...

CVE-2000-0824

The CVE-2000-0824 issue involves glibc 2.1.1 unsetenv(): when a variable appears twice in the environment, the value may not be properly removed, enabling a local attacker to influence setuid programs with duplicate variables (e.g., LD_PRELOAD, LD_LIBRARY_PATH) and potentially execute code as roo...

CVE-2000-0824

The unsetenv function in glibc 2.1.1 does not properly unset an environmental variable if the variable is provided twice to a program, which could allow local users to execute arbitrary commands in setuid programs by specifying their own duplicate environmental variables such as LDPRELOAD or...

unsetenv.txt

o unsetenv off-by-one error: The unsetenv function in glibc 2.1.1 suffers from a problem whereby when running through the environment variables, if the name of the variable being unset is present twice consecutively, the second is not destroyed. unsetenv is sometimes used by programs that depend ...