Lucene search

MitreCVE-2000-0336

HistoryJul 12, 2000 - 4:00 a.m.

CVE-2000-0336

2000-07-1204:00:00

mitre

web.nvd.nist.gov

linux

openldap server

local user

file modification

symlink attack

cve-2000-0336

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

AI Score

6.4

Confidence

High

EPSS

Percentile

0.4%

JSON

Linux OpenLDAP server allows local users to modify arbitrary files via a symlink attack.

Affected configurations

Nvd

Node

openldapopenldapMatch1.2.7

openldapopenldapMatch1.2.8

openldapopenldapMatch1.2.9

openldapopenldapMatch1.2.10

Node

mandrakesoftmandrake_linuxMatch6.1

mandrakesoftmandrake_linuxMatch7.0

redhatlinuxMatch6.1alpha

redhatlinuxMatch6.1i386

redhatlinuxMatch6.1sparc

redhatlinuxMatch6.2alpha

redhatlinuxMatch6.2i386

redhatlinuxMatch6.2sparc

turbolinuxturbolinuxMatch4.2

turbolinuxturbolinuxMatch4.4

turbolinuxturbolinuxMatch6.0.2

VendorProductVersionCPE
openldapopenldap1.2.7cpe:2.3:a:openldap:openldap:1.2.7:*:*:*:*:*:*:*
openldapopenldap1.2.8cpe:2.3:a:openldap:openldap:1.2.8:*:*:*:*:*:*:*
openldapopenldap1.2.9cpe:2.3:a:openldap:openldap:1.2.9:*:*:*:*:*:*:*
openldapopenldap1.2.10cpe:2.3:a:openldap:openldap:1.2.10:*:*:*:*:*:*:*
mandrakesoftmandrake_linux6.1cpe:2.3:o:mandrakesoft:mandrake_linux:6.1:*:*:*:*:*:*:*
mandrakesoftmandrake_linux7.0cpe:2.3:o:mandrakesoft:mandrake_linux:7.0:*:*:*:*:*:*:*
redhatlinux6.1cpe:2.3:o:redhat:linux:6.1:*:alpha:*:*:*:*:*
redhatlinux6.1cpe:2.3:o:redhat:linux:6.1:*:i386:*:*:*:*:*
redhatlinux6.1cpe:2.3:o:redhat:linux:6.1:*:sparc:*:*:*:*:*
redhatlinux6.2cpe:2.3:o:redhat:linux:6.2:*:alpha:*:*:*:*:*

Vendor	Product	Version	CPE
openldap	openldap	1.2.7	cpe:2.3:a:openldap:openldap:1.2.7:::::::*
openldap	openldap	1.2.8	cpe:2.3:a:openldap:openldap:1.2.8:::::::*
openldap	openldap	1.2.9	cpe:2.3:a:openldap:openldap:1.2.9:::::::*
openldap	openldap	1.2.10	cpe:2.3:a:openldap:openldap:1.2.10:::::::*
mandrakesoft	mandrake_linux	6.1	cpe:2.3:o:mandrakesoft:mandrake_linux:6.1:::::::*
mandrakesoft	mandrake_linux	7.0	cpe:2.3:o:mandrakesoft:mandrake_linux:7.0:::::::*
redhat	linux	6.1	cpe:2.3:o:redhat:linux:6.1::alpha:::::
redhat	linux	6.1	cpe:2.3:o:redhat:linux:6.1::i386:::::
redhat	linux	6.1	cpe:2.3:o:redhat:linux:6.1::sparc:::::
redhat	linux	6.2	cpe:2.3:o:redhat:linux:6.2::alpha:::::

Rows per page:

1-10 of 151

References

ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-2000-009.0.txt

www.redhat.com/support/errata/RHSA-2000-012.html

www.securityfocus.com/bid/1232

www.turbolinux.com/pipermail/tl-security-announce/2000-May/000009.html

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

AI Score

6.4

Confidence

High

EPSS

Percentile

0.4%

JSON

Related for CVE-2000-0336