Lucene search

[email protected]NVD:CVE-2000-0844

HistoryNov 14, 2000 - 5:00 a.m.

CVE-2000-0844

2000-11-1405:00:00

CWE-264

[email protected]

web.nvd.nist.gov

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.1 High

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

75.9%

JSON

Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.

Affected configurations

NVD

Node

calderaopenlinux_ebuilderMatch3.0

immuniximmunixMatch6.2

conectivalinuxMatch4.0

conectivalinuxMatch4.0es

conectivalinuxMatch4.1

conectivalinuxMatch4.2

conectivalinuxMatch5.0

conectivalinuxMatch5.1

sgiirixMatch6.2

sgiirixMatch6.3

sgiirixMatch6.4

sgiirixMatch6.5

sgiirixMatch6.5.1

sgiirixMatch6.5.2m

sgiirixMatch6.5.3

sgiirixMatch6.5.3f

sgiirixMatch6.5.3m

sgiirixMatch6.5.4

sgiirixMatch6.5.6

sgiirixMatch6.5.7

sgiirixMatch6.5.8

Node

calderaopenlinux

calderaopenlinux_eserverMatch2.3

debiandebian_linuxMatch2.0

debiandebian_linuxMatch2.1

debiandebian_linuxMatch2.2

debiandebian_linuxMatch2.3

ibmaixMatch3.2

ibmaixMatch3.2.4

ibmaixMatch3.2.5

ibmaixMatch4.0

ibmaixMatch4.1

ibmaixMatch4.1.1

ibmaixMatch4.1.2

ibmaixMatch4.1.3

ibmaixMatch4.1.4

ibmaixMatch4.1.5

ibmaixMatch4.2

ibmaixMatch4.2.1

ibmaixMatch4.3

ibmaixMatch4.3.1

ibmaixMatch4.3.2

mandrakesoftmandrake_linuxMatch7.0

mandrakesoftmandrake_linuxMatch7.1

redhatlinuxMatch5.0

redhatlinuxMatch5.1

redhatlinuxMatch5.2

redhatlinuxMatch6.0

redhatlinuxMatch6.1

redhatlinuxMatch6.2

slackwareslackware_linuxMatch7.0

slackwareslackware_linuxMatch7.1

sunsolarisMatch2.6

sunsunosMatch5.0

sunsunosMatch5.1

sunsunosMatch5.2

sunsunosMatch5.3

sunsunosMatch5.4

sunsunosMatch5.5

sunsunosMatch5.5.1

sunsunosMatch5.7

sunsunosMatch5.8

susesuse_linuxMatch6.1

susesuse_linuxMatch6.2

susesuse_linuxMatch6.3

susesuse_linuxMatch6.4

susesuse_linuxMatch7.0

trustixsecure_linuxMatch1.0

trustixsecure_linuxMatch1.1

turbolinuxturbolinuxMatch6.0

turbolinuxturbolinuxMatch6.0.1

turbolinuxturbolinuxMatch6.0.2

turbolinuxturbolinuxMatch6.0.3

turbolinuxturbolinuxMatch6.0.4

References

ftp://patches.sgi.com/support/free/security/advisories/20000901-01-P

archives.neohapsis.com/archives/bugtraq/2000-08/0436.html

archives.neohapsis.com/archives/bugtraq/2000-08/0457.html

archives.neohapsis.com/archives/bugtraq/2000-10/0427.html

archives.neohapsis.com/archives/tru64/2000-q4/0000.html

www.calderasystems.com/support/security/advisories/CSSA-2000-030.0.txt

www.debian.org/security/2000/20000902

www.novell.com/linux/security/advisories/adv5_draht_glibc_txt.html

www.redhat.com/support/errata/RHSA-2000-057.html

www.securityfocus.com/bid/1634

www.turbolinux.com/pipermail/tl-security-announce/2000-September/000020.html

exchange.xforce.ibmcloud.com/vulnerabilities/5176

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.1 High

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

75.9%

JSON

Related for NVD:CVE-2000-0844

cvelist2 cve3 nvd2