CVE-2009-4146

Name of the Vulnerable Software and Affected Versions FreeBSD versions 7.1 through 8.0

Description The issue concerns the rtld function in the Run-Time Link-Editor (rtld) which does not clear the LD PRELOAD environment variable. This allows local users to gain privileges by executing a setuid or setguid program with a modified LD PRELOAD variable containing an untrusted search path that points to a Trojan horse library.

Recommendations For FreeBSD versions 7.1 through 8.0, consider clearing the LD PRELOAD environment variable before executing setuid or setguid programs to prevent exploitation. As a temporary workaround, restrict the use of setuid and setguid programs until a proper fix is applied.