N/A

A buffer overflow in glibc 2.5 (released on September 29, 2006) and can be triggered through the LD_LIBRARY_PATH environment variable. Please note that many versions of glibc are not vulnerable to this issue if patched for CVE-2017-1000366.

N/A

N/A

glibc 缓冲区错误漏洞

glibc（又名GNU C Library，libc6）是一种按照LGPL许可协议发布的开源免费的C语言编译程序。 glibc 2.5版本中存在缓冲区溢出漏洞，该漏洞源于程序没有正确的解析LD_LIBRARY_PATH环境变量。本地攻击者可借助LD_LIBRARY_PATH环境变量利用该漏洞执行任意代码或造成拒绝服务。

N/A

N/A