Lucene search

[email protected]CVE-2000-0723

HistoryOct 20, 2000 - 4:00 a.m.

CVE-2000-0723

2000-10-2004:00:00

[email protected]

web.nvd.nist.gov

cve-2000-0723

helix gnome updater

/tmp directories

system configuration files

security vulnerability

1.2 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:H/Au:N/C:N/I:N/A:P

6.7 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Helix GNOME Updater helix-update 0.5 and earlier does not properly create /tmp directories, which allows local users to create empty system configuration files such as /etc/config.d/bashrc, /etc/config.d/csh.cshrc, and /etc/rc.config.

Affected configurations

NVD

Node

helix_codegnome_installerMatch0.2

CPENameOperatorVersion
helix_code:gnome_installerhelix code gnome installereq0.2

CPE	Name	Operator	Version
helix_code:gnome_installer	helix code gnome installer	eq	0.2

References

archives.neohapsis.com/archives/bugtraq/2000-08/0251.html

www.securityfocus.com/bid/1596

www.securityfocus.com/templates/archive.pike?list=1&msg=E13QAYl-0007il-00%40the-village.bc.nu

1.2 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:H/Au:N/C:N/I:N/A:P

6.7 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2000-0723

cvelist1 nvd1