CVE-2000-1013 Information

Description

The setlocale function in FreeBSD 5.0 and earlier and possibly other OSes allows local users to read arbitrary files via the LANG environmental variable.

Reference

ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:53.catopen.asc