Lucene search

MitreCVE-2000-1010

HistoryJan 22, 2001 - 5:00 a.m.

CVE-2000-1010

2001-01-2205:00:00

mitre

web.nvd.nist.gov

openbsd

talkd

format string vulnerability

remote attack

arbitrary commands

cve-2000-1010.

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.6

Confidence

High

EPSS

0.005

Percentile

77.4%

JSON

Format string vulnerability in talkd in OpenBSD and possibly other BSD-based OSes allows remote attackers to execute arbitrary commands via a user name that contains format characters.

Affected configurations

Nvd

Node

openbsdopenbsdMatch2.3

openbsdopenbsdMatch2.4

openbsdopenbsdMatch2.5

openbsdopenbsdMatch2.6

openbsdopenbsdMatch2.7

redhatlinuxMatch5.0

redhatlinuxMatch5.1

redhatlinuxMatch5.2alpha

redhatlinuxMatch5.2i386

redhatlinuxMatch5.2sparc

VendorProductVersionCPE
openbsdopenbsd2.3cpe:2.3:o:openbsd:openbsd:2.3:*:*:*:*:*:*:*
openbsdopenbsd2.4cpe:2.3:o:openbsd:openbsd:2.4:*:*:*:*:*:*:*
openbsdopenbsd2.5cpe:2.3:o:openbsd:openbsd:2.5:*:*:*:*:*:*:*
openbsdopenbsd2.6cpe:2.3:o:openbsd:openbsd:2.6:*:*:*:*:*:*:*
openbsdopenbsd2.7cpe:2.3:o:openbsd:openbsd:2.7:*:*:*:*:*:*:*
redhatlinux5.0cpe:2.3:o:redhat:linux:5.0:*:*:*:*:*:*:*
redhatlinux5.1cpe:2.3:o:redhat:linux:5.1:*:*:*:*:*:*:*
redhatlinux5.2cpe:2.3:o:redhat:linux:5.2:*:alpha:*:*:*:*:*
redhatlinux5.2cpe:2.3:o:redhat:linux:5.2:*:i386:*:*:*:*:*
redhatlinux5.2cpe:2.3:o:redhat:linux:5.2:*:sparc:*:*:*:*:*

Vendor	Product	Version	CPE
openbsd	openbsd	2.3	cpe:2.3:o:openbsd:openbsd:2.3:::::::*
openbsd	openbsd	2.4	cpe:2.3:o:openbsd:openbsd:2.4:::::::*
openbsd	openbsd	2.5	cpe:2.3:o:openbsd:openbsd:2.5:::::::*
openbsd	openbsd	2.6	cpe:2.3:o:openbsd:openbsd:2.6:::::::*
openbsd	openbsd	2.7	cpe:2.3:o:openbsd:openbsd:2.7:::::::*
redhat	linux	5.0	cpe:2.3:o:redhat:linux:5.0:::::::*
redhat	linux	5.1	cpe:2.3:o:redhat:linux:5.1:::::::*
redhat	linux	5.2	cpe:2.3:o:redhat:linux:5.2::alpha:::::
redhat	linux	5.2	cpe:2.3:o:redhat:linux:5.2::i386:::::
redhat	linux	5.2	cpe:2.3:o:redhat:linux:5.2::sparc:::::

References

www.securityfocus.com/archive/1/137890

www.securityfocus.com/bid/1764

exchange.xforce.ibmcloud.com/vulnerabilities/5344

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.6

Confidence

High

EPSS

0.005

Percentile

77.4%

JSON

Related for CVE-2000-1010