Search...

CVE-2000-0751

2000-10-20T04:00:00

ID CVE-2000-0751
Type cve
Reporter cve@mitre.org
Modified 2008-09-05T20:21:00

Description

mopd (Maintenance Operations Protocol loader daemon) does not properly cleanse user-injected format strings, which allows remote attackers to execute arbitrary commands.

JSON Vulners Source

Initial Source

{"id": "CVE-2000-0751", "bulletinFamily": "NVD", "title": "CVE-2000-0751", "description": "mopd (Maintenance Operations Protocol loader daemon) does not properly cleanse user-injected format strings, which allows remote attackers to execute arbitrary commands.", "published": "2000-10-20T04:00:00", "modified": "2008-09-05T20:21:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2000-0751", "reporter": "cve@mitre.org", "references": ["http://www.openbsd.org/errata.html#mopd", "http://cvsweb.netbsd.org/bsdweb.cgi/basesrc/usr.sbin/mopd/mopd/process.c.diff?r1=1.7&r2=1.8&f=h", "http://archives.neohapsis.com/archives/bugtraq/2000-08/0064.html", "http://archives.neohapsis.com/archives/freebsd/2000-08/0336.html", "http://www.securityfocus.com/bid/1559", "http://www.redhat.com/support/errata/RHSA-2000-050.html"], "cvelist": ["CVE-2000-0751"], "type": "cve", "lastseen": "2019-05-29T18:07:37", "history": [], "edition": 1, "hashmap": [{"key": "affectedSoftware", "hash": "ba80f127e2c1ada8c98426791c859a2b"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "31a8134e75601587e7a1ae7b39f7456c"}, {"key": "cpe23", "hash": "3e574ac97364f648a5341e93cea85b7d"}, {"key": "cvelist", "hash": "63cbf806c9fde5516c26b5c5359b3081"}, {"key": "cvss", "hash": "0b053db5674b87efff89989a8a720df3"}, {"key": "cvss2", "hash": "7f7c77d2dde7216a66d00321bd5828f8"}, {"key": "cvss3", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cwe", "hash": "78a7a5cbaf09985c14389298e454e7db"}, {"key": "description", "hash": "85712343e748ac219c7126192bd60249"}, {"key": "href", "hash": "cebab9197c48e9090b739b682d22bdad"}, {"key": "modified", "hash": "9100803960b35c53a17662c11c615f9c"}, {"key": "published", "hash": "837fdd7ef8deaa0cf62afc7ae03100d0"}, {"key": "references", "hash": "e4964b3e2db8eaeea06d8a8355c2a32f"}, {"key": "reporter", "hash": "444c2b4dda4a55437faa8bef1a141e84"}, {"key": "title", "hash": "9c8321b88f955b427eb85538d8694946"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "934ff7dd7b46537914d3bce554bd9495327253ad8eb3b894345d645b841ab104", "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "exploitdb", "idList": ["EDB-ID:26630"]}, {"type": "osvdb", "idList": ["OSVDB:1499"]}], "modified": "2019-05-29T18:07:37"}, "score": {"value": 8.3, "vector": "NONE", "modified": "2019-05-29T18:07:37"}, "vulnersScore": 8.3}, "objectVersion": "1.3", "cpe": ["cpe:/o:openbsd:openbsd:2.4", "cpe:/a:openbsd:openbsd:2.5", "cpe:/o:redhat:linux:6.0", "cpe:/a:netbsd:netbsd:1.4.2", "cpe:/a:netbsd:netbsd:1.4.1", "cpe:/o:redhat:linux:6.2", "cpe:/o:openbsd:openbsd:2.6", "cpe:/a:openbsd:openbsd:2.4", "cpe:/o:netbsd:netbsd:1.4.1", "cpe:/a:openbsd:openbsd:2.7", "cpe:/o:redhat:linux:6.1", "cpe:/o:netbsd:netbsd:1.4.2", "cpe:/a:redhat:linux:6.1", "cpe:/a:redhat:linux:6.2", "cpe:/a:redhat:linux:6.0", "cpe:/o:openbsd:openbsd:2.7", "cpe:/o:openbsd:openbsd:2.5", "cpe:/a:openbsd:openbsd:2.6"], "affectedSoftware": [{"name": "openbsd openbsd", "operator": "eq", "version": "2.6"}, {"name": "redhat linux", "operator": "eq", "version": "6.2"}, {"name": "openbsd openbsd", "operator": "eq", "version": "2.4"}, {"name": "netbsd netbsd", "operator": "eq", "version": "1.4.2"}, {"name": "redhat linux", "operator": "eq", "version": "6.0"}, {"name": "redhat linux", "operator": "eq", "version": "6.1"}, {"name": "openbsd openbsd", "operator": "eq", "version": "2.5"}, {"name": "openbsd openbsd", "operator": "eq", "version": "2.7"}, {"name": "netbsd netbsd", "operator": "eq", "version": "1.4.1"}], "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "cpe23": ["cpe:2.3:o:redhat:linux:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:openbsd:openbsd:2.4:*:*:*:*:*:*:*", "cpe:2.3:o:netbsd:netbsd:1.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:openbsd:openbsd:2.6:*:*:*:*:*:*:*", "cpe:2.3:o:openbsd:openbsd:2.7:*:*:*:*:*:*:*", "cpe:2.3:o:netbsd:netbsd:1.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:linux:6.2:*:*:*:*:*:*:*", "cpe:2.3:o:openbsd:openbsd:2.5:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:linux:6.1:*:*:*:*:*:*:*"], "cwe": ["NVD-CWE-Other"]}

{"osvdb": [{"lastseen": "2017-04-28T13:19:56", "bulletinFamily": "software", "description": "# No description provided by the source\n\n## References:\nRedHat RHSA: RHSA-2000-050-01\n[CVE-2000-0751](https://vulners.com/cve/CVE-2000-0751)\nBugtraq ID: 1559\n", "modified": "2000-08-08T00:00:00", "published": "2000-08-08T00:00:00", "id": "OSVDB:1499", "href": "https://vulners.com/osvdb/OSVDB:1499", "title": "Multiple Vendor mopd User Inputted Data Format String", "type": "osvdb", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "exploitdb": [{"lastseen": "2016-02-03T04:01:20", "bulletinFamily": "exploit", "description": "ADC2000 NG Pro 1.2 SQL Injection Vulnerabilities. CVE-2000-0751. Webapps exploit for php platform", "modified": "2005-11-28T00:00:00", "published": "2005-11-28T00:00:00", "id": "EDB-ID:26630", "href": "https://www.exploit-db.com/exploits/26630/", "type": "exploitdb", "title": "ADC2000 NG Pro 1.2 - SQL Injection Vulnerabilities", "sourceData": "source: http://www.securityfocus.com/bid/15595/info\r\n\r\nADC2000 NG Pro is prone to SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query.\r\n\r\nSuccessful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. \r\n\r\n/adcbrowres.php?lang=english&cat=[SQL]\r\n/adcbrowres.php?lang=[SQL] ", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "sourceHref": "https://www.exploit-db.com/download/26630/"}]}