Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple untrusted search path vulnerabilities in SUSE Linux 9.3 and 10.0, and possibly other distributions, cause the working directory to be added to LD_LIBRARY_PATH, which might allow local users to execute arbitrary code via (1) beagle, (2) tomboy, or (3) blam. NOTE: in August 2007, the tomboy vector was reported for other distributions.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Tomboy LD_LIBRARY_PATH环境变量本地权限提升漏洞
Vulnerability Description
Tomboy是Linux和Unix平台上的桌面记事本程序。 Tomboy在处理环境变量时存在漏洞,本地攻击者可能利用此漏洞提升自己的权限。 app-misc/tomboy文件的/usr/bin/tomboy 脚本包含有以下行: export LD_LIBRARY_PATH="/usr/lib64/tomboy:$LD_LIBRARY_PATH" 该行将环境变量LD_LIBRARY_PATH设置为/usr/lib64/tomboy,也就是在当前目录中也可以查询必需的函数库,在tomboy中通常为用户的主目录
CVSS Information
N/A
Vulnerability Type
N/A