redhat directory server is vulnerable to privilege escalation. It was found that multiple scripts shipped with Red Hat Directory Server set the LD_LIBRARY_PATH environment variable to an insecure value containing an empty path. A local user able to trick a user running those scripts (usually the root user) to run them while working from an attacker-writable directory could use this flaw to escalate their privileges via a specially-crafted dynamic library.
www.redhat.com/support/errata/RHSA-2011-0293.html
www.securityfocus.com/bid/46489
www.securitytracker.com/id?1025102
access.redhat.com/errata/RHSA-2011:0293
access.redhat.com/security/updates/classification/#moderate
bugzilla.redhat.com/show_bug.cgi?id=672468
exchange.xforce.ibmcloud.com/vulnerabilities/65637