GNU glibc 2.3.4 before 2.3.4.20040619, 2.3.3 before 2.3.3.20040420, and 2.3.2 before 2.3.2-r10 does not restrict the use of LD_DEBUG for a setuid program, which allows local users to gain sensitive information, such as the list of symbols used by the program.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Glibc | Gnu | 2.0 (including) | 2.0 (including) |
| Glibc | Gnu | 2.0.1 (including) | 2.0.1 (including) |
| Glibc | Gnu | 2.0.2 (including) | 2.0.2 (including) |
| Glibc | Gnu | 2.0.3 (including) | 2.0.3 (including) |
| Glibc | Gnu | 2.0.4 (including) | 2.0.4 (including) |
| Glibc | Gnu | 2.0.5 (including) | 2.0.5 (including) |
| Glibc | Gnu | 2.0.6 (including) | 2.0.6 (including) |
| Glibc | Gnu | 2.1 (including) | 2.1 (including) |
| Glibc | Gnu | 2.1.1 (including) | 2.1.1 (including) |
| Glibc | Gnu | 2.1.1.6 (including) | 2.1.1.6 (including) |
| Glibc | Gnu | 2.1.2 (including) | 2.1.2 (including) |
| Glibc | Gnu | 2.1.3 (including) | 2.1.3 (including) |
| Glibc | Gnu | 2.1.3.10 (including) | 2.1.3.10 (including) |
| Glibc | Gnu | 2.1.9 (including) | 2.1.9 (including) |
| Glibc | Gnu | 2.2 (including) | 2.2 (including) |
| Glibc | Gnu | 2.2.1 (including) | 2.2.1 (including) |
| Glibc | Gnu | 2.2.2 (including) | 2.2.2 (including) |
| Glibc | Gnu | 2.2.3 (including) | 2.2.3 (including) |
| Glibc | Gnu | 2.2.4 (including) | 2.2.4 (including) |
| Glibc | Gnu | 2.2.5 (including) | 2.2.5 (including) |
| Glibc | Gnu | 2.3 (including) | 2.3 (including) |
| Glibc | Gnu | 2.3.1 (including) | 2.3.1 (including) |
| Glibc | Gnu | 2.3.2 (including) | 2.3.2 (including) |
| Glibc | Gnu | 2.3.3 (including) | 2.3.3 (including) |
| Glibc | Gnu | 2.3.4 (including) | 2.3.4 (including) |