← CVECheck
HomeVulnerabilities

CVE-2000-0824 — HIGH severity vulnerability (The unsetenv function in glibc 2.1.1 does not properly unset)

The unsetenv function in glibc 2.1.1 does not properly unset an environmental variable if the variable is provided twice to a program, which could allow local users to execute arbitrary commands in setuid programs by specifying their own duplicate environmental variables such as LD_PRELOAD or LD_LIBRARY_PATH.

CVE IDCVE-2000-0824
SeverityHIGH
CVSS score7.2
CVSS vectorAV:L/AC:L/Au:N/C:C/I:C/A:C
CWENVD-CWE-Other
StatusModified
Published2000-11-14
Last modified2026-04-16
DescriptionThe unsetenv function in glibc 2.1.1 does not properly unset an environmental variable if the variable is provided twice to a program, which could allow local users to execute arbitrary commands in setuid programs by specifying their own duplicate environmental variables such as LD_PRELOAD or LD_LIBRARY_PATH.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →