CVE-2000-0229

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2000-0229
gpm-root in the gpm package does not properly drop privileges, which allows local users to gain privileges by starting a utility from gpm-root.

7.2 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 3.9 / Impact : 10.0

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References
Link Resource
http://archives.neohapsis.com/archives/bugtraq/2000-03/0242.html
http://www.novell.com/linux/security/advisories/suse_security_announce_45.html
http://www.redhat.com/support/errata/RHSA-2000-009.html
http://www.redhat.com/support/errata/RHSA-2000-045.html
http://www.securityfocus.com/bid/1069
http://archives.neohapsis.com/archives/bugtraq/2000-03/0242.html
http://www.novell.com/linux/security/advisories/suse_security_announce_45.html
http://www.redhat.com/support/errata/RHSA-2000-009.html
http://www.redhat.com/support/errata/RHSA-2000-045.html
http://www.securityfocus.com/bid/1069
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:alessandro_rubini:gpm:1.18.1:*:*:*:*:*:*:*
cpe:2.3:o:alessandro_rubini:gpm:1.19:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:2.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:2.1:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:2.2:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:2.2:*:pre_potato:*:*:*:*:*
cpe:2.3:o:redhat:linux:6.0:*:i386:*:*:*:*:*
cpe:2.3:o:redhat:linux:6.1:*:i386:*:*:*:*:*
cpe:2.3:o:redhat:linux:6.2:*:i386:*:*:*:*:*
cpe:2.3:o:suse:suse_linux:5.3:*:*:*:*:*:*:*
cpe:2.3:o:suse:suse_linux:6.0:*:*:*:*:*:*:*
cpe:2.3:o:suse:suse_linux:6.1:*:*:*:*:*:*:*
cpe:2.3:o:suse:suse_linux:6.2:*:*:*:*:*:*:*
cpe:2.3:o:suse:suse_linux:6.3:*:*:*:*:*:*:*
History

20 Nov 2024, 23:32

Type Values Removed Values Added
References () http://archives.neohapsis.com/archives/bugtraq/2000-03/0242.html - () http://archives.neohapsis.com/archives/bugtraq/2000-03/0242.html -
References () http://www.novell.com/linux/security/advisories/suse_security_announce_45.html - () http://www.novell.com/linux/security/advisories/suse_security_announce_45.html -
References () http://www.redhat.com/support/errata/RHSA-2000-009.html - () http://www.redhat.com/support/errata/RHSA-2000-009.html -
References () http://www.redhat.com/support/errata/RHSA-2000-045.html - () http://www.redhat.com/support/errata/RHSA-2000-045.html -
References () http://www.securityfocus.com/bid/1069 - () http://www.securityfocus.com/bid/1069 -
Information

Published : 2000-03-22 05:00

Updated : 2024-11-20 23:32

NVD link : CVE-2000-0229

Mitre link : CVE-2000-0229

CVE.ORG link : CVE-2000-0229

JSON object : View

Products Affected

debian

  • debian_linux

alessandro_rubini

  • gpm

suse

  • suse_linux

redhat

  • linux
CWE
NVD-CWE-Other