CVE-2010-3365

Name of the Vulnerable Software and Affected Versions Mistelix version 0.31

Description The issue allows local users to gain privileges via a Trojan horse shared library in the current working directory. This is possible because Mistelix 0.31 places a zero-length directory name in the LD LIBRARY PATH.

Recommendations For Mistelix version 0.31, consider restricting access to the LD LIBRARY PATH environment variable to prevent unauthorized modifications until a patch is available. As a temporary workaround, avoid using Mistelix version 0.31 in environments where local users could potentially exploit this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.