CVEs-PoC/2010/CVE-2010-3847.md at b0e96c877abb080d7cf221c036336480ff266ccf

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-05-08 22:35:37 +02:00

Files

T

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

Description

elf/dl-load.c in ld.so in the GNU C Library (aka glibc or libc6) through 2.11.2, and 2.12.x through 2.12.1, does not properly handle a value of $ORIGIN for the LD_AUDIT environment variable, which allows local users to gain privileges via a crafted dynamic shared object (DSO) located in an arbitrary directory.

POC

Reference

https://www.exploit-db.com/exploits/44024/
https://www.exploit-db.com/exploits/44025/

Github

https://github.com/ARPSyndicate/cvemon
https://github.com/CVEDB/PoC-List
https://github.com/CVEDB/awesome-cve-repo
https://github.com/grzegorzblaszczyk/CVE-2010-4476-check
https://github.com/magisterquis/cve-2010-3847

1.0 KiB Raw Blame History

CVE-2010-3847

Description

POC

Reference

Github

1.0 KiB

Raw Blame History