Lucene search

[email protected]CVE-2000-0693

HistoryMay 07, 2001 - 4:00 a.m.

CVE-2000-0693

2001-05-0704:00:00

[email protected]

web.nvd.nist.gov

cve-2000-0693

raptor gfx

pgxconfig

system call

arbitrary command execution

relative path

local users

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

7.6 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

pgxconfig in the Raptor GFX configuration tool uses a relative path name for a system call to the “cp” program, which allows local users to execute arbitrary commands by modifying their path to point to an alternate “cp” program.

Affected configurations

NVD

Node

tech-sourceraptor_gfx_pgx32Match2.3.1

CPENameOperatorVersion
tech-source:raptor_gfx_pgx32tech-source raptor gfx pgx32eq2.3.1

CPE	Name	Operator	Version
tech-source:raptor_gfx_pgx32	tech-source raptor gfx pgx32	eq	2.3.1

References

archives.neohapsis.com/archives/bugtraq/2000-07/0463.html

www.osvdb.org/1501

www.securityfocus.com/bid/1563

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

7.6 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2000-0693

cvelist1 nvd1