Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2000-0172

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2000-0172
Last Modified 10 Sep 2008 03:03:08
Published 03 Mar 2000 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2000-0172

Summary

The mtr program only uses a seteuid call when attempting to drop privileges, which could allow local users to gain root privileges.

Vulnerable Systems

Operating System

  • Turbolinux 3.5b2

  • Turbolinux 4.2

  • Turbolinux 4.4

  • Turbolinux 6.0.2

Application

  • Matt Kimball And Roger Wolff Mtr 0.28

  • Matt Kimball And Roger Wolff Mtr 0.41


References

BID - 1038


Last Updated: 27 May 2016 10:35:35