Lucene search

[email protected]CVE-2000-0701

HistoryOct 20, 2000 - 4:00 a.m.

CVE-2000-0701

2000-10-2004:00:00

[email protected]

web.nvd.nist.gov

cve-2000-0701

mailman

wrapper program

vulnerability

local users

gain privileges

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

7 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

25.0%

JSON

The wrapper program in mailman 2.0beta3 and 2.0beta4 does not properly cleanse untrusted format strings, which allows local users to gain privileges.

Affected configurations

NVD

Node

gnumailmanMatch2.0beta3

gnumailmanMatch2.0beta4

conectivalinuxMatch4.1

conectivalinuxMatch4.2

conectivalinuxMatch5.0

conectivalinuxMatch5.1

Node

redhatlinux

CPENameOperatorVersion
gnu:mailmangnu mailmaneq2.0
conectiva:linuxconectiva linuxeq4.1
conectiva:linuxconectiva linuxeq4.2
conectiva:linuxconectiva linuxeq5.0
conectiva:linuxconectiva linuxeq5.1

CPE	Name	Operator	Version
gnu:mailman	gnu mailman	eq	2.0
conectiva:linux	conectiva linux	eq	4.1
conectiva:linux	conectiva linux	eq	4.2
conectiva:linux	conectiva linux	eq	5.0
conectiva:linux	conectiva linux	eq	5.1

References

archives.neohapsis.com/archives/bugtraq/2000-07/0474.html

archives.neohapsis.com/archives/bugtraq/2000-07/0479.html

www.redhat.com/support/errata/RHSA-2000-030.html

www.securityfocus.com/archive/1/73220

www.securityfocus.com/bid/1539

www.securityfocus.com/templates/archive.pike?list=1&msg=20000802105050.A11733%40rak.isternet.sk

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

7 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

25.0%

JSON

Related for CVE-2000-0701

nvd1 cvelist1