Lucene search

[email protected]CVE-2000-0370

HistoryJul 12, 2000 - 4:00 a.m.

CVE-2000-0370

2000-07-1204:00:00

[email protected]

web.nvd.nist.gov

cve-2000-0370

caldera linux

smail

debug option

remote command execution

shell metacharacters

nvd

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.7 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

66.5%

JSON

The debug option in Caldera Linux smail allows remote attackers to execute commands via shell metacharacters in the -D option for the rmail command.

Affected configurations

NVD

Node

calderaopenlinuxMatch1.0

calderaopenlinuxMatch1.1

calderaopenlinuxMatch1.2

calderaopenlinuxMatch1.3

CPENameOperatorVersion
caldera:openlinuxcaldera openlinuxeq1.0
caldera:openlinuxcaldera openlinuxeq1.1
caldera:openlinuxcaldera openlinuxeq1.2
caldera:openlinuxcaldera openlinuxeq1.3

CPE	Name	Operator	Version
caldera:openlinux	caldera openlinux	eq	1.0
caldera:openlinux	caldera openlinux	eq	1.1
caldera:openlinux	caldera openlinux	eq	1.2
caldera:openlinux	caldera openlinux	eq	1.3

References

ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-1999-001.0.txt

www.securityfocus.com/bid/1268

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.7 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

66.5%

JSON

Related for CVE-2000-0370

nvd1 cvelist1