Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2000-0229

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2000-0229
Last Modified 10 Sep 2008 03:03:40
Published 22 Mar 2000 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2000-0229

Summary

gpm-root in the gpm package does not properly drop privileges, which allows local users to gain privileges by starting a utility from gpm-root.

Vulnerable Systems

Operating System

  • Alessandro Rubini Gpm 1.18.1

  • Alessandro Rubini Gpm 1.19

  • Debian Linux 2.0

  • Debian Linux 2.1

  • Debian Linux 2.2

  • Redhat Linux 6.0

  • Redhat Linux 6.1

  • Redhat Linux 6.2

  • Suse Linux 5.3

  • Suse Linux 6.0

  • Suse Linux 6.1

  • Suse Linux 6.2

  • Suse Linux 6.3


References

BID - 1069

REDHAT - RHSA-2000:045

REDHAT - RHSA-2000:009

SUSE - 20000405 Security hole in gpm < 1.18.1

BUGTRAQ - 20000322 gpm-root


Last Updated: 27 May 2016 10:35:37