Lucene search

MitreCVE-2000-1202

HistorySep 12, 2001 - 4:00 a.m.

CVE-2000-1202

2001-09-1204:00:00

mitre

web.nvd.nist.gov

cve-2000-1202

ibm ibmhsssb 1.0

ikeyman

classpath

root

code execution

security vulnerability.

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.5

Confidence

Low

EPSS

Percentile

5.1%

JSON

ikeyman in IBM IBMHSSSB 1.0 sets the CLASSPATH environmental variable to include the user’s own CLASSPATH directories before the system’s directories, which allows a malicious local user to execute arbitrary code as root via a Trojan horse Ikeyman class.

Affected configurations

Nvd

Node

ibmhttp_server_ssl_module_commonMatch1.0

VendorProductVersionCPE
ibmhttp_server_ssl_module_common1.0cpe:2.3:a:ibm:http_server_ssl_module_common:1.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	http_server_ssl_module_common	1.0	cpe:2.3:a:ibm:http_server_ssl_module_common:1.0:::::::*

References

www.securityfocus.com/archive/1/54073

www.securityfocus.com/bid/1092

exchange.xforce.ibmcloud.com/vulnerabilities/4235

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.5

Confidence

Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2000-1202