CVE-2004-1453

Description

GNU glibc 2.3.4 before 2.3.4.20040619, 2.3.3 before 2.3.3.20040420, and 2.3.2 before 2.3.2-r10 does not restrict the use of LD_DEBUG for a setuid program, which allows local users to gain sensitive information, such as the list of symbols used by the program.

Affected packages (1)

• Debian/glibcfrom 0, < 2.3.5

References (1)

• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2004-1453