[email protected]CVE-2000-1040

HistoryDec 11, 2000 - 5:00 a.m.

CVE-2000-1040

2000-12-1105:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2000-1040

format string vulnerability

ypbind 3.3

debug mode

dos

leak

file descriptor

nvd

6.6 Medium

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.01 Low

EPSS

Percentile

83.9%

JSON

Format string vulnerability in logging function of ypbind 3.3, while running in debug mode, leaks file descriptors and allows an attacker to cause a denial of service.

CPENameOperatorVersion
suse:suse_linuxsuse suse linuxeq6.2
suse:suse_linuxsuse suse linuxeq7.0
suse:suse_linuxsuse suse linuxeq6.3
suse:suse_linuxsuse suse linuxeq6.4

CPE	Name	Operator	Version
suse:suse_linux	suse suse linux	eq	6.2
suse:suse_linux	suse suse linux	eq	7.0
suse:suse_linux	suse suse linux	eq	6.3
suse:suse_linux	suse suse linux	eq	6.4

References

archives.neohapsis.com/archives/bugtraq/2000-10/0356.html

archives.neohapsis.com/archives/bugtraq/2000-10/0429.html

archives.neohapsis.com/archives/linux/suse/2000-q4/0262.html

www.calderasystems.com/support/security/advisories/CSSA-2000-039.0.txt

www.debian.org/security/2000/20001014

www.linux-mandrake.com/en/security/MDKSA-2000-064.php3?dis=7.1

www.redhat.com/support/errata/RHSA-2000-086.html

www.securityfocus.com/bid/1820

exchange.xforce.ibmcloud.com/vulnerabilities/5394

6.6 Medium

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.01 Low

EPSS

Percentile

83.9%

JSON

Related for CVE-2000-1040

cvelist1 suse1 nessus1