CVE-2000-0786

GNU userv 1.0.0 and earlier does not properly perform file descriptor swapping, which can corrupt the USERV_GROUPS and USERV_GIDS environmental variables and allow local users to bypass some access restrictions.

Date published : 2000-10-13

http://www.securityfocus.com/bid/1516

http://archives.neohapsis.com/archives/bugtraq/2000-07/0389.html