Lucene search

[email protected]CVE-2000-0172

HistoryApr 10, 2000 - 4:00 a.m.

CVE-2000-0172

2000-04-1004:00:00

[email protected]

web.nvd.nist.gov

cve-2000-0172

mtr program

gain root privileges

seteuid call

local user vulnerability

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

7 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

0.4%

JSON

The mtr program only uses a seteuid call when attempting to drop privileges, which could allow local users to gain root privileges.

Affected configurations

NVD

Node

matt_kimball_and_roger_wolffmtrMatch0.28

matt_kimball_and_roger_wolffmtrMatch0.41

Node

turbolinuxturbolinuxMatch3.5b2

turbolinuxturbolinuxMatch4.2

turbolinuxturbolinuxMatch4.4

turbolinuxturbolinuxMatch6.0.2

CPENameOperatorVersion
matt_kimball_and_roger_wolff:mtrmatt kimball and roger wolff mtreq0.28
matt_kimball_and_roger_wolff:mtrmatt kimball and roger wolff mtreq0.41

CPE	Name	Operator	Version
matt_kimball_and_roger_wolff:mtr	matt kimball and roger wolff mtr	eq	0.28
matt_kimball_and_roger_wolff:mtr	matt kimball and roger wolff mtr	eq	0.41

References

www.securityfocus.com/bid/1038

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

7 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

0.4%

JSON

Related for CVE-2000-0172

cvelist1 nvd1