PT-2001-1236 · Ibm · Ibmhsssb
Published: 2001-08-31 · Updated: 2017-12-19 · CVE-2000-1202
CVSS v2.0: 7.2 High
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions:
IBM IBMHSSSB version 1.0
Description:
The issue allows a malicious local user to execute arbitrary code as root via a Trojan horse Ikeyman class. This happens because ikeyman sets the CLASSPATH environment variable so that the user's own CLASSPATH directories come before the system's directories.
Recommendations:
For IBM IBMHSSSB version 1.0, consider restricting access to the ikeyman class to prevent a malicious local user from executing arbitrary code as root. As a temporary workaround, avoid using the ikeyman class until a fix is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
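The CLASSPATH ordering described above can be audited, and a privileged launcher's environment rebuilt, along the following lines. This is an added example, not IBM's code or part of the original advisory; the directory names, function names and sample value are hypothetical, since the advisory gives no install paths.

```python
import os

# Hypothetical install paths; the advisory does not name the real ones.
TRUSTED_DIRS = ("/opt/example-ikeyman/classes", "/usr/lib/java")

def is_trusted(entry, trusted=TRUSTED_DIRS):
    """True if entry is an absolute path at or below a trusted directory."""
    if not entry.startswith("/"):
        return False  # relative or empty: not a fixed system location
    norm = os.path.normpath(entry)  # collapses ".." so it cannot escape a prefix
    return any(norm == t or norm.startswith(t + "/") for t in trusted)

def shadowing_entries(classpath, trusted=TRUSTED_DIRS):
    """Entries searched before the first trusted one. A class file placed
    there is loaded in place of the system copy with the same name."""
    risky = []
    for entry in classpath.split(":"):
        if is_trusted(entry, trusted):
            break
        risky.append(entry)
    return risky

def hardened_env(env, trusted=TRUSTED_DIRS):
    """Copy of env whose CLASSPATH holds only the trusted directories,
    discarding whatever the invoking user supplied."""
    clean = dict(env)
    clean["CLASSPATH"] = ":".join(trusted)
    return clean

# Constructed sample: the caller's directories placed ahead of the system classes.
SAMPLE = "/home/alice/classes:.:/opt/example-ikeyman/classes:/usr/lib/java"

if __name__ == "__main__":
    print("shadowing:", shadowing_entries(SAMPLE))
    print("hardened :", hardened_env({"CLASSPATH": SAMPLE})["CLASSPATH"])
```

A non-empty result from `shadowing_entries` on the value a root-run launcher ends up with indicates the ordering problem this advisory describes.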
Affected Products
Ibmhsssb