Lucene search

[email protected]CVE-2000-1202

HistorySep 12, 2001 - 4:00 a.m.

CVE-2000-1202

2001-09-1204:00:00

[email protected]

web.nvd.nist.gov

cve-2000-1202

ibm ibmhsssb 1.0

ikeyman

classpath

root

code execution

security vulnerability.

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

7.5 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

ikeyman in IBM IBMHSSSB 1.0 sets the CLASSPATH environmental variable to include the user’s own CLASSPATH directories before the system’s directories, which allows a malicious local user to execute arbitrary code as root via a Trojan horse Ikeyman class.

Affected configurations

NVD

Node

ibmhttp_server_ssl_module_commonMatch1.0

CPENameOperatorVersion
ibm:http_server_ssl_module_commonibm http server ssl module commoneq1.0

CPE	Name	Operator	Version
ibm:http_server_ssl_module_common	ibm http server ssl module common	eq	1.0

References

www.securityfocus.com/archive/1/54073

www.securityfocus.com/bid/1092

exchange.xforce.ibmcloud.com/vulnerabilities/4235

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

7.5 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2000-1202

cvelist1 nvd1