CVE-2004-1453

Published: Dec 31, 2004Modified: Apr 16, 2026

2.1

Vector

AV:L/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 3.9 / Impact: 2.9

Source: NVD

Description

GNU glibc 2.3.4 before 2.3.4.20040619, 2.3.3 before 2.3.3.20040420, and 2.3.2 before 2.3.2-r10 does not restrict the use of LD_DEBUG for a setuid program, which allows local users to gain sensitive information, such as the list of symbols used by the program.

Affected (25)

Products: Gnu: Glibc

1 product

Configuration A

25 vulnerable

Vulnerable Software	Affected Versions
Gnu Glibc	Version 2.0.1
Gnu Glibc	Version 2.0.2
Gnu Glibc	Version 2.0.3
Gnu Glibc	Version 2.0.4
Gnu Glibc	Version 2.0.5
Gnu Glibc	Version 2.0.6
Gnu Glibc	Version 2.0
Gnu Glibc	Version 2.1.1.6
Gnu Glibc	Version 2.1.1
Gnu Glibc	Version 2.1.2
Gnu Glibc	Version 2.1.3.10
Gnu Glibc	Version 2.1.3
Gnu Glibc	Version 2.1.9
Gnu Glibc	Version 2.1
Gnu Glibc	Version 2.2.1
Gnu Glibc	Version 2.2.2
Gnu Glibc	Version 2.2.3
Gnu Glibc	Version 2.2.4
Gnu Glibc	Version 2.2.5
Gnu Glibc	Version 2.2
Gnu Glibc	Version 2.3.1
Gnu Glibc	Version 2.3.2
Gnu Glibc	Version 2.3.3
Gnu Glibc	Version 2.3.4
Gnu Glibc	Version 2.3

References (16)

http://bugs.gentoo.org/show_bug.cgi?id=59526

Source: cve@mitre.org

http://secunia.com/advisories/12306

Source: cve@mitre.org

Patch

http://www.gentoo.org/security/en/glsa/glsa-200408-16.xml

Source: cve@mitre.org

http://www.redhat.com/support/errata/RHSA-2005-256.html

Source: cve@mitre.org

Vendor Advisory

http://www.redhat.com/support/errata/RHSA-2005-261.html

Source: cve@mitre.org

Vendor Advisory

http://www.securityfocus.com/bid/10963

Source: cve@mitre.org

Patch

https://exchange.xforce.ibmcloud.com/vulnerabilities/17006

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10762

Source: cve@mitre.org

http://bugs.gentoo.org/show_bug.cgi?id=59526

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/12306

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

http://www.gentoo.org/security/en/glsa/glsa-200408-16.xml

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.redhat.com/support/errata/RHSA-2005-256.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.redhat.com/support/errata/RHSA-2005-261.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.securityfocus.com/bid/10963

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://exchange.xforce.ibmcloud.com/vulnerabilities/17006

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10762

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.