Lucene search

[email protected]CVE-2000-0996

HistoryDec 19, 2000 - 5:00 a.m.

CVE-2000-0996

2000-12-1905:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

openbsd

local attack

root privileges

format string vulnerability

cve-2000-0996

7.5 High

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

18.9%

JSON

Format string vulnerability in OpenBSD su program (and possibly other BSD-based operating systems) allows local attackers to gain root privileges via a malformed shell.

CPENameOperatorVersion
openbsd:openbsdopenbsdeq*

CPE	Name	Operator	Version
openbsd:openbsd	openbsd	eq	*

References

ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.7/common/028_format_strings.patch

www.osvdb.org/6124

exchange.xforce.ibmcloud.com/vulnerabilities/5636

7.5 High

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

18.9%

JSON