PT-2000-1009 · Red Hat · Tmpwatch

Published: 2000-10-06 · Updated: 2017-10-10 · CVE-2000-0816

CVSS v2.0: 2.1 (Low)

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions: tmpwatch version 2.6.2

Description: Multiple vulnerabilities in the tmpwatch package of Red Hat Linux can disrupt the availability of protected information. They can be exploited locally. Specifically, the --fuser option in Linux tmpwatch allows local users to execute arbitrary commands by creating files whose names contain shell metacharacters.

Recommendations: For tmpwatch version 2.6.2, consider restricting access to the --fuser option to prevent local users from executing arbitrary commands until a patch is available. As a temporary workaround, avoid using the --fuser option in tmpwatch to minimize the risk of exploitation.
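
The bug class in the description, shown as an added example that is not tmpwatch's own code: a file name pasted into a shell command line next to the same name passed as a single argv element. Assumptions: the record does not say how tmpwatch builds its fuser command, so the shell-built command line is an assumed pattern; `/bin/true` stands in for the fuser binary; the file name and marker file are constructed.

```c
#include <stdio.h>
#include <stdlib.h>
#include <sys/wait.h>
#include <unistd.h>

#define HELPER "/bin/true"             /* assumed stand-in for the fuser binary */
#define MARKER "tmpwatch_demo_marker"  /* constructed, harmless side effect */
#define NAME   "x;: >" MARKER          /* constructed file name with metacharacters */

/* Weak pattern: the name is pasted into a command line that /bin/sh parses. */
static int check_via_shell(const char *name) {
    char cmd[4096];
    int n = snprintf(cmd, sizeof cmd, "%s %s", HELPER, name);
    if (n < 0 || (size_t)n >= sizeof cmd) return -1;
    return system(cmd);
}

/* Hardened pattern: no shell is involved; the name is exactly one argv element.
   Callers should pass an absolute path so a leading '-' is not read as an option. */
static int check_via_exec(const char *name) {
    int status;
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        execl(HELPER, HELPER, name, (char *)NULL);
        _exit(127);                    /* exec failed */
    }
    if (waitpid(pid, &status, 0) < 0) return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

/* Returns 1 if handling NAME ran the text embedded in it, 0 if not, -1 on error. */
static int side_effect(int (*check)(const char *)) {
    if (chdir("/tmp") != 0) return -1;
    unlink(MARKER);
    check(NAME);
    int ran = access(MARKER, F_OK) == 0;
    unlink(MARKER);
    return ran;
}

int main(void) {
    printf("shell-built command: %d\n", side_effect(check_via_shell));
    printf("argv, no shell:      %d\n", side_effect(check_via_exec));
    return 0;
}
```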

Related Identifiers

BDU:2015-07927
CVE-2000-0816

Affected Products

Tmpwatch