Unrated severityNVD Advisory· Published Mar 26, 2001· Updated Apr 16, 2026

CVE-2001-0170

Description

glibc 2.1.9x and earlier does not properly clear the RESOLV_HOST_CONF, HOSTALIASES, or RES_OPTIONS environmental variables when executing setuid/setgid programs, which could allow local users to read arbitrary files.

Affected products

Immunix/Immunix
cpe:2.3:a:immunix:immunix:7.0_beta:*:*:*:*:*:*:*
Conectiva/Linux9 versions
cpe:2.3:o:conectiva:linux:4.0:*:*:*:*:*:*:*+ 8 more
- cpe:2.3:o:conectiva:linux:4.0:*:*:*:*:*:*:*
- cpe:2.3:o:conectiva:linux:4.0es:*:*:*:*:*:*:*
- cpe:2.3:o:conectiva:linux:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:conectiva:linux:4.2:*:*:*:*:*:*:*
- cpe:2.3:o:conectiva:linux:5.0:*:*:*:*:*:*:*
- cpe:2.3:o:conectiva:linux:5.1:*:*:*:*:*:*:*
- cpe:2.3:o:conectiva:linux:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:conectiva:linux:ecommerce:*:*:*:*:*:*:*
- cpe:2.3:o:conectiva:linux:graficas:*:*:*:*:*:*:*
Debian/Debian Linux
cpe:2.3:o:debian:debian_linux:2.3:*:*:*:*:*:*:*
Red Hat/Linux2 versions
cpe:2.3:o:redhat:linux:7.0:*:alpha:*:*:*:*:*+ 1 more
- cpe:2.3:o:redhat:linux:7.0:*:alpha:*:*:*:*:*
- cpe:2.3:o:redhat:linux:7.0:*:i386:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

archives.neohapsis.com/archives/bugtraq/2001-01/0186.htmlnvdPatchVendor Advisory
www.redhat.com/support/errata/RHSA-2001-001.htmlnvdPatchVendor Advisory
www.securityfocus.com/bid/2181nvdPatchVendor Advisory
archives.neohapsis.com/archives/bugtraq/2001-01/0131.htmlnvdVendor Advisory
exchange.xforce.ibmcloud.com/vulnerabilities/5907nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000