CVE-2000-0959 — LOW severity vulnerability (glibc2 does not properly clear the LD_DEBUG_OUTPUT and LD_DE)
glibc2 does not properly clear the LD_DEBUG_OUTPUT and LD_DEBUG environmental variables when a program is spawned from a setuid program, which could allow local users to overwrite files via a symlink attack.
| CVE ID | CVE-2000-0959 |
|---|---|
| Severity | LOW |
| CVSS score | 1.2 |
| CVSS vector | AV:L/AC:H/Au:N/C:N/I:P/A:N |
| CWE | NVD-CWE-Other |
| Status | Modified |
| Published | 2000-12-19 |
| Last modified | 2026-04-16 |
| Description | glibc2 does not properly clear the LD_DEBUG_OUTPUT and LD_DEBUG environmental variables when a program is spawned from a setuid program, which could allow local users to overwrite files via a symlink attack. |
| Source | NIST National Vulnerability Database |
🔍 Search all vulnerabilities →
$999/mo
Try CVECheck →