CVE-2010-3376

NONE EPSS 29.9%
Published Oct 20, 201015y ago · Modified Jun 16, 20262w ago
Find Similar
Published Oct 20, 2010 15y ago
Last Modified Jun 16, 2026 2w ago

Description

The (1) proofserv, (2) xrdcp, (3) xrdpwdadmin, and (4) xrd scripts in ROOT 5.18/00 place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.

Threat Intelligence

EPSS Exploit Probability
29.9% percentile
Exploit & Patch Status
Public Exploit Known
No Patch Available

Affected Products 1

VendorProductVersionRange
rootroot5.18\/00any

References 2

  • bugs.debian.org http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=598419
    Exploit
  • bugs.debian.org http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=598420
    Exploit

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.