Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
locale/programs/locale.c in locale in the GNU C Library (aka glibc or libc6) before 2.13 does not quote its output, which might allow local users to gain privileges via a crafted localization environment variable, in conjunction with a program that executes a script that uses the eval function.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
GNU C Library locale locale/programs/locale.c本地权限提升漏洞
Vulnerability Description
glibc(又名GNU C Library,libc6)是一种按照LGPL许可协议发布的开源免费的C语言编译程序。 GNU C Library(又名glibc或者libc6)2.13之前版本中存在权限许可和访问控制漏洞,该漏洞是由于"locale"命令没有正确引用它的输出导致的。本地用户可以借助与执行了某脚本的程序相结合的特制本地环境变量获取特权,该脚本使用了eval函数。
CVSS Information
N/A
Vulnerability Type
N/A