CVE-2000-0867

Published Nov 14, 2000

Last updated 7 years ago

Overview

Description: Kernel logging daemon (klogd) in Linux does not properly cleanse user-injected format strings, which allows local users to gain root privileges by triggering malformed kernel messages.
Source: cve@mitre.org
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.2
Impact score: 10
Exploitability score: 3.9
Vector string: AV:L/AC:L/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:debian:debian_linux:2.1:*:slink:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FAB6D992-C0E9-4951-85FD-5FE54045AEAF"
          },
          {
            "criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:potato:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "470653CE-3BF8-498E-B673-82AC854B23C1"
          },
          {
            "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D323A6B7-2741-4F31-B0D6-5D6FB738A2A1"
          },
          {
            "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ACAAD334-2CA7-4B3B-BA25-302E7610BC2A"
          },
          {
            "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E4853E92-5E0A-47B9-A343-D5BEE87D2C27"
          },
          {
            "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3EC1FF5D-5EAB-44D5-B281-770547C70D68"
          },
          {
            "criteria": "cpe:2.3:o:redhat:linux:5.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A8EED385-8C39-4A40-A507-2EFE7652FB35"
          },
          {
            "criteria": "cpe:2.3:o:redhat:linux:6.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0633B5A6-7A88-4A96-9462-4C09D124ED36"
          },
          {
            "criteria": "cpe:2.3:o:slackware:slackware_linux:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F432C6C2-8676-4DD5-B9E6-71F6C164EF9D"
          },
          {
            "criteria": "cpe:2.3:o:trustix:secure_linux:1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9D0DFB12-B43F-4207-A900-464A97F5124D"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References