Lucene search

[email protected]CVE-2000-1014

HistoryDec 11, 2000 - 5:00 a.m.

CVE-2000-1014

2000-12-1105:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2000-1014

sco help http server

unixware 7

remote attack

format string vulnerability

8.4 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.058 Low

EPSS

Percentile

93.4%

JSON

Format string vulnerability in the search97.cgi CGI script in SCO help http server for Unixware 7 allows remote attackers to execute arbitrary commands via format characters in the queryText parameter.

CPENameOperatorVersion
sco:unixwaresco unixwareeq7.0

CPE	Name	Operator	Version
sco:unixware	sco unixware	eq	7.0

References

archives.neohapsis.com/archives/bugtraq/2000-09/0325.html

www.osvdb.org/3240

www.securityfocus.com/bid/1717

exchange.xforce.ibmcloud.com/vulnerabilities/5291

8.4 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.058 Low

EPSS

Percentile

93.4%

JSON