Lucene search

[email protected]NVD:CVE-2000-0844

HistoryNov 14, 2000 - 5:00 a.m.

CVE-2000-0844

2000-11-1405:00:00

CWE-264

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.1

Confidence

High

EPSS

0.005

Percentile

75.9%

JSON

Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.

Affected configurations

Nvd

Node

calderaopenlinux_ebuilderMatch3.0

immuniximmunixMatch6.2

conectivalinuxMatch4.0

conectivalinuxMatch4.0es

conectivalinuxMatch4.1

conectivalinuxMatch4.2

conectivalinuxMatch5.0

conectivalinuxMatch5.1

sgiirixMatch6.2

sgiirixMatch6.3

sgiirixMatch6.4

sgiirixMatch6.5

sgiirixMatch6.5.1

sgiirixMatch6.5.2m

sgiirixMatch6.5.3

sgiirixMatch6.5.3f

sgiirixMatch6.5.3m

sgiirixMatch6.5.4

sgiirixMatch6.5.6

sgiirixMatch6.5.7

sgiirixMatch6.5.8

Node

calderaopenlinux

calderaopenlinux_eserverMatch2.3

debiandebian_linuxMatch2.0

debiandebian_linuxMatch2.1

debiandebian_linuxMatch2.2

debiandebian_linuxMatch2.3

ibmaixMatch3.2

ibmaixMatch3.2.4

ibmaixMatch3.2.5

ibmaixMatch4.0

ibmaixMatch4.1

ibmaixMatch4.1.1

ibmaixMatch4.1.2

ibmaixMatch4.1.3

ibmaixMatch4.1.4

ibmaixMatch4.1.5

ibmaixMatch4.2

ibmaixMatch4.2.1

ibmaixMatch4.3

ibmaixMatch4.3.1

ibmaixMatch4.3.2

mandrakesoftmandrake_linuxMatch7.0

mandrakesoftmandrake_linuxMatch7.1

redhatlinuxMatch5.0

redhatlinuxMatch5.1

redhatlinuxMatch5.2

redhatlinuxMatch6.0

redhatlinuxMatch6.1

redhatlinuxMatch6.2

slackwareslackware_linuxMatch7.0

slackwareslackware_linuxMatch7.1

sunsolarisMatch2.6

sunsunosMatch5.0

sunsunosMatch5.1

sunsunosMatch5.2

sunsunosMatch5.3

sunsunosMatch5.4

sunsunosMatch5.5

sunsunosMatch5.5.1

sunsunosMatch5.7

sunsunosMatch5.8

susesuse_linuxMatch6.1

susesuse_linuxMatch6.2

susesuse_linuxMatch6.3

susesuse_linuxMatch6.4

susesuse_linuxMatch7.0

trustixsecure_linuxMatch1.0

trustixsecure_linuxMatch1.1

turbolinuxturbolinuxMatch6.0

turbolinuxturbolinuxMatch6.0.1

turbolinuxturbolinuxMatch6.0.2

turbolinuxturbolinuxMatch6.0.3

turbolinuxturbolinuxMatch6.0.4

VendorProductVersionCPE
calderaopenlinux_ebuilder3.0cpe:2.3:a:caldera:openlinux_ebuilder:3.0:*:*:*:*:*:*:*
immuniximmunix6.2cpe:2.3:a:immunix:immunix:6.2:*:*:*:*:*:*:*
conectivalinux4.0cpe:2.3:o:conectiva:linux:4.0:*:*:*:*:*:*:*
conectivalinux4.0escpe:2.3:o:conectiva:linux:4.0es:*:*:*:*:*:*:*
conectivalinux4.1cpe:2.3:o:conectiva:linux:4.1:*:*:*:*:*:*:*
conectivalinux4.2cpe:2.3:o:conectiva:linux:4.2:*:*:*:*:*:*:*
conectivalinux5.0cpe:2.3:o:conectiva:linux:5.0:*:*:*:*:*:*:*
conectivalinux5.1cpe:2.3:o:conectiva:linux:5.1:*:*:*:*:*:*:*
sgiirix6.2cpe:2.3:o:sgi:irix:6.2:*:*:*:*:*:*:*
sgiirix6.3cpe:2.3:o:sgi:irix:6.3:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
caldera	openlinux_ebuilder	3.0	cpe:2.3:a:caldera:openlinux_ebuilder:3.0:::::::*
immunix	immunix	6.2	cpe:2.3:a:immunix:immunix:6.2:::::::*
conectiva	linux	4.0	cpe:2.3:o:conectiva:linux:4.0:::::::*
conectiva	linux	4.0es	cpe:2.3:o:conectiva:linux:4.0es:::::::*
conectiva	linux	4.1	cpe:2.3:o:conectiva:linux:4.1:::::::*
conectiva	linux	4.2	cpe:2.3:o:conectiva:linux:4.2:::::::*
conectiva	linux	5.0	cpe:2.3:o:conectiva:linux:5.0:::::::*
conectiva	linux	5.1	cpe:2.3:o:conectiva:linux:5.1:::::::*
sgi	irix	6.2	cpe:2.3:o:sgi:irix:6.2:::::::*
sgi	irix	6.3	cpe:2.3:o:sgi:irix:6.3:::::::*

Rows per page:

1-10 of 741

References

ftp://patches.sgi.com/support/free/security/advisories/20000901-01-P

archives.neohapsis.com/archives/bugtraq/2000-08/0436.html

archives.neohapsis.com/archives/bugtraq/2000-08/0457.html

archives.neohapsis.com/archives/bugtraq/2000-10/0427.html

archives.neohapsis.com/archives/tru64/2000-q4/0000.html

www.calderasystems.com/support/security/advisories/CSSA-2000-030.0.txt

www.debian.org/security/2000/20000902

www.novell.com/linux/security/advisories/adv5_draht_glibc_txt.html

www.redhat.com/support/errata/RHSA-2000-057.html

www.securityfocus.com/bid/1634

www.turbolinux.com/pipermail/tl-security-announce/2000-September/000020.html

exchange.xforce.ibmcloud.com/vulnerabilities/5176

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.1

Confidence

High

EPSS

0.005

Percentile

75.9%

JSON

Related for NVD:CVE-2000-0844

exploitdb11 cve3 cvelist2 nvd2