PT-2000-1923 · Freebsd · Freebsd

Published

2000-12-11

Updated

2008-09-05

CVE-2000-1013

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions FreeBSD versions 5.0 and earlier

Description The issue allows local users to read arbitrary files. This is achieved through the setlocale function and the LANG environmental variable.

Recommendations For versions 5.0 and earlier, consider restricting access to the setlocale function until a patch is available. As a temporary workaround, avoid using the LANG environmental variable to minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2000-1013

Affected Products

Freebsd

PT-2000-1923 · Freebsd · Freebsd

CVE-2000-1013

Related Identifiers

Affected Products

References · 2