PT-2000-1767 · Ibm+12 · Aix+14

Published

2000-11-14

Updated

2018-10-30

CVE-2000-0844

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions No specific software or versions are mentioned.

Description The issue concerns the locale subsystem on Unix systems, where certain functions do not properly cleanse user-injected format strings. This allows local attackers to execute arbitrary commands via functions such as gettext() and catopen().

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-264

Related Identifiers

CVE-2000-0844

Affected Products

Aix

Debian

Immunix

Irix

Linux

Mandrake Linux

Openlinux

Openlinux Ebuilder

Openlinux Eserver

Secure Linux

Slackware Linux

Solaris

Sunos

Suse Linux

Turbolinux

PT-2000-1767 · Ibm+12 · Aix+14

CVE-2000-0844

Weakness Enumeration

Related Identifiers

Affected Products

References · 24