Lucene search

[email protected]CVE-2000-1040

HistoryJan 22, 2001 - 5:00 a.m.

CVE-2000-1040

2001-01-2205:00:00

[email protected]

web.nvd.nist.gov

cve-2000-1040

format string vulnerability

ypbind 3.3

debug mode

dos

leak

file descriptor

nvd

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.4 Medium

AI Score

Confidence

High

0.01 Low

EPSS

Percentile

83.9%

JSON

Format string vulnerability in logging function of ypbind 3.3, while running in debug mode, leaks file descriptors and allows an attacker to cause a denial of service.

Affected configurations

NVD

Node

susesuse_linuxMatch6.2

susesuse_linuxMatch6.3

susesuse_linuxMatch6.4

susesuse_linuxMatch7.0

CPENameOperatorVersion
suse:suse_linuxsuse suse linuxeq6.2
suse:suse_linuxsuse suse linuxeq6.3
suse:suse_linuxsuse suse linuxeq6.4
suse:suse_linuxsuse suse linuxeq7.0

CPE	Name	Operator	Version
suse:suse_linux	suse suse linux	eq	6.2
suse:suse_linux	suse suse linux	eq	6.3
suse:suse_linux	suse suse linux	eq	6.4
suse:suse_linux	suse suse linux	eq	7.0

References

archives.neohapsis.com/archives/bugtraq/2000-10/0356.html

archives.neohapsis.com/archives/bugtraq/2000-10/0429.html

archives.neohapsis.com/archives/linux/suse/2000-q4/0262.html

www.calderasystems.com/support/security/advisories/CSSA-2000-039.0.txt

www.debian.org/security/2000/20001014

www.linux-mandrake.com/en/security/MDKSA-2000-064.php3?dis=7.1

www.redhat.com/support/errata/RHSA-2000-086.html

www.securityfocus.com/bid/1820

exchange.xforce.ibmcloud.com/vulnerabilities/5394

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.4 Medium

AI Score

Confidence

High

0.01 Low

EPSS

Percentile

83.9%

JSON

Related for CVE-2000-1040

cvelist1 nvd1 suse1 nessus1