CVE-2010-3376

Name of the Vulnerable Software and Affected Versions ROOT versions 5.18/00

Description The issue concerns the proofserv, xrdcp, xrdpwdadmin, and xrd scripts in ROOT, which place a zero-length directory name in the LD LIBRARY PATH. This allows local users to gain privileges via a Trojan horse shared library in the current working directory.

Recommendations For ROOT version 5.18/00, consider restricting access to the LD LIBRARY PATH environment variable to prevent unauthorized modifications, and avoid using the proofserv, xrdcp, xrdpwdadmin, and xrd scripts until a patch is available. As a temporary workaround, consider setting the LD LIBRARY PATH to a known safe value before executing these scripts.