PT-2000-1003 · Ncurses · Ncurses+1

Published: 2000-11-27 · Updated: 2023-03-03 · CVE-2000-0963

CVSS v2.0: 7.2 (High)

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions

ncurses versions 5.0 through 5.2
ncurses-devel versions 5.0 through 5.2
Description

The issue is a buffer overflow in the ncurses library that can be exploited locally. Long values in environment variables such as TERM or TERMINFO_DIRS can lead to the execution of arbitrary commands. Exploitation of this issue may result in a violation of the confidentiality, integrity, and availability of protected information.
Recommendations

For ncurses versions 5.0 through 5.2, consider updating to a version that is not affected by this issue. For ncurses-devel versions 5.0 through 5.2, consider updating to a version that is not affected by this issue. As a temporary workaround, consider restricting the use of the environment variables TERM and TERMINFO_DIRS to minimize the risk of exploitation.
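One way to apply the temporary workaround inside a privileged program is to validate TERM and TERMINFO_DIRS before any terminal library call. This is an added example, not code from the advisory or from ncurses; the function names, the length limits and the allowed character sets are assumptions chosen for illustration.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L   /* for setenv() / unsetenv() */
#endif
#include <ctype.h>
#include <stdlib.h>
#include <string.h>

/* Assumed limits for this example; the advisory gives no buffer sizes. */
#define TERM_MAX_LEN      64
#define TERMINFO_DIRS_MAX 1024

/* Return 1 if v is non-empty, at most max_len bytes long, and every byte
 * is alphanumeric or one of the characters listed in extra. */
static int value_ok(const char *v, size_t max_len, const char *extra)
{
    size_t i;
    for (i = 0; v[i] != '\0'; i++) {
        unsigned char c = (unsigned char)v[i];
        if (i >= max_len)
            return 0;                      /* too long: stop reading here */
        if (!isalnum(c) && strchr(extra, c) == NULL)
            return 0;                      /* unexpected character */
    }
    return i > 0;
}

/* Call before initscr()/setupterm(). Returns how many variables were reset. */
int sanitize_terminal_env(void)
{
    int reset = 0;
    const char *v = getenv("TERM");
    if (v != NULL && !value_ok(v, TERM_MAX_LEN, "-_+.")) {
        setenv("TERM", "dumb", 1);         /* fall back to a minimal type */
        reset++;
    }
    v = getenv("TERMINFO_DIRS");
    if (v != NULL && !value_ok(v, TERMINFO_DIRS_MAX, "/:-_+.")) {
        unsetenv("TERMINFO_DIRS");         /* drop the caller-supplied path */
        reset++;
    }
    return reset;
}

int main(void)
{
    sanitize_terminal_env();               /* then continue with terminal setup */
    return 0;
}
```

A check like this limits what reaches the library but does not replace updating to an unaffected version.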

Exploit

Fix

Related Identifiers

BDU:2015-07817
BDU:2015-07818
BDU:2015-07819
BDU:2015-07820
CVE-2000-0963

Affected Products

Ncurses
Ncurses-Devel