CVE-2000-1207

2002-07-3104:00:00

mitre

www.cve.org

6.6 Medium

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

75.9%

JSON

userhelper in the usermode package on Red Hat Linux executes non-setuid programs as root, which does not activate the security measures in glibc and allows the programs to be exploited via format string vulnerabilities in glibc via the LANG or LC_ALL environment variables (CVE-2000-0844).

References

marc.info/?l=bugtraq&m=97034397026473&w=2

marc.info/?l=bugtraq&m=97063854808796&w=2

www.linux-mandrake.com/en/security/2000/MDKSA-2000-059.php3

www.redhat.com/support/errata/RHSA-2000-075.html