Multiple Linux Distributions CouchDB 'LD_LIBRARY_PATH' Remote Code Execution Vulnerability

Multiple Linux distributions are prone to a remote code-execution vulnerability that affects Apache CouchDB installations.

An attacker could exploit this issue by enticing an unsuspecting victim to run an application in a directory containing a malicious library file with a specific name. A successful exploit will allow arbitrary code to run within the privileges of the currently logged-in user.

Reportedly the issue affects Debian, Ubuntu and Red Hat Fedora distributions.


 

Privacy Statement
Copyright 2010, SecurityFocus