FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

torcs -- untrusted local library loading

Affected packages
torcs < 1.3.2

Details

VuXML ID e7fd27b2-3ae9-11e1-8b5c-00262d5ed8ee
Discovery 2010-10-20
Entry 2012-01-09

TORCS News reports:

An insecure change to LD_LIBRARY_PATH allows loading of libraries in directories other than the standard paths. This can be a problem when downloading and installing untrusted content from the Internet.

References

CVE Name CVE-2010-3384
URL http://sourceforge.net/tracker/index.php?func=detail&aid=3089384&group_id=3777&atid=103777
URL http://torcs.sourceforge.net/index.php?name=News&file=article&sid=77