Lucene search

[email protected]CVE-2000-1010

HistoryJan 22, 2001 - 5:00 a.m.

CVE-2000-1010

2001-01-2205:00:00

[email protected]

web.nvd.nist.gov

openbsd

talkd

format string vulnerability

remote attack

arbitrary commands

cve-2000-1010.

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.6 High

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

77.5%

JSON

Format string vulnerability in talkd in OpenBSD and possibly other BSD-based OSes allows remote attackers to execute arbitrary commands via a user name that contains format characters.

Affected configurations

NVD

Node

openbsdopenbsdMatch2.3

openbsdopenbsdMatch2.4

openbsdopenbsdMatch2.5

openbsdopenbsdMatch2.6

openbsdopenbsdMatch2.7

redhatlinuxMatch5.0

redhatlinuxMatch5.1

redhatlinuxMatch5.2alpha

redhatlinuxMatch5.2i386

redhatlinuxMatch5.2sparc

CPENameOperatorVersion
openbsd:openbsdopenbsdeq2.3
openbsd:openbsdopenbsdeq2.4
openbsd:openbsdopenbsdeq2.5
openbsd:openbsdopenbsdeq2.6
openbsd:openbsdopenbsdeq2.7
redhat:linuxredhat linuxeq5.0
redhat:linuxredhat linuxeq5.1
redhat:linuxredhat linuxeq5.2

CPE	Name	Operator	Version
openbsd:openbsd	openbsd	eq	2.3
openbsd:openbsd	openbsd	eq	2.4
openbsd:openbsd	openbsd	eq	2.5
openbsd:openbsd	openbsd	eq	2.6
openbsd:openbsd	openbsd	eq	2.7
redhat:linux	redhat linux	eq	5.0
redhat:linux	redhat linux	eq	5.1
redhat:linux	redhat linux	eq	5.2

References

www.securityfocus.com/archive/1/137890

www.securityfocus.com/bid/1764

exchange.xforce.ibmcloud.com/vulnerabilities/5344

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.6 High

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

77.5%

JSON

Related for CVE-2000-1010

securityvulns2 cvelist1 nvd1