Unrated severityNVD Advisory· Published Mar 26, 2001· Updated Apr 16, 2026
CVE-2001-0169
CVE-2001-0169
Description
When using the LD_PRELOAD environmental variable in SUID or SGID applications, glibc does not verify that preloaded libraries in /etc/ld.so.cache are also SUID/SGID, which could allow a local user to overwrite arbitrary files by loading a library from /lib or /usr/lib.
Affected products
19cpe:2.3:o:mandrakesoft:mandrake_linux:6.0:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:o:mandrakesoft:mandrake_linux:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:mandrakesoft:mandrake_linux:6.1:*:*:*:*:*:*:*
- cpe:2.3:o:mandrakesoft:mandrake_linux:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*
- cpe:2.3:o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*
- cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:1.0.1:*:*:*:*:*:*:*
cpe:2.3:o:redhat:linux:6.0:*:alpha:*:*:*:*:*+ 8 more
- cpe:2.3:o:redhat:linux:6.0:*:alpha:*:*:*:*:*
- cpe:2.3:o:redhat:linux:6.0:*:i386:*:*:*:*:*
- cpe:2.3:o:redhat:linux:6.0:*:sparc:*:*:*:*:*
- cpe:2.3:o:redhat:linux:6.1:*:alpha:*:*:*:*:*
- cpe:2.3:o:redhat:linux:6.1:*:i386:*:*:*:*:*
- cpe:2.3:o:redhat:linux:6.1:*:sparc:*:*:*:*:*
- cpe:2.3:o:redhat:linux:6.2:*:alpha:*:*:*:*:*
- cpe:2.3:o:redhat:linux:6.2:*:i386:*:*:*:*:*
- cpe:2.3:o:redhat:linux:6.2:*:sparc:*:*:*:*:*
cpe:2.3:o:trustix:secure_linux:1.1:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:trustix:secure_linux:1.1:*:*:*:*:*:*:*
- cpe:2.3:o:trustix:secure_linux:1.2:*:*:*:*:*:*:*
cpe:2.3:o:turbolinux:turbolinux:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:turbolinux:turbolinux:*:*:*:*:*:*:*:*range: <=6.0.5
- cpe:2.3:o:turbolinux:turbolinux:6.1:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
9- www.linux-mandrake.com/en/security/2001/MDKSA-2001-012.php3nvdPatchVendor Advisory
- www.redhat.com/support/errata/RHSA-2001-002.htmlnvdPatchVendor Advisory
- www.securityfocus.com/archive/1/157650nvdPatch
- www.securityfocus.com/bid/2223nvdPatchVendor Advisory
- archives.neohapsis.com/archives/linux/turbolinux/2001-q1/0004.htmlnvd
- www.calderasystems.com/support/security/advisories/CSSA-2001-007.0.txtnvd
- www.debian.org/security/2001/dsa-039nvd
- www.novell.com/linux/security/advisories/2001_001_glibc_txt.htmlnvd
- exchange.xforce.ibmcloud.com/vulnerabilities/5971nvd
News mentions
0No linked articles in our index yet.