Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2000-0506

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2000-0506
Last Modified 10 Sep 2008 03:04:51
Published 09 Jun 2000 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2000-0506

Summary

The "capabilities" feature in Linux before 2.2.16 allows local users to cause a denial of service or gain privileges by setting the capabilities to prevent a setuid program from dropping privileges, aka the "Linux kernel setuid/setcap vulnerability."

Vulnerable Systems

Operating System

  • Linux Kernel 2.0

  • Linux Kernel 2.0.30

  • Linux Kernel 2.0.33

  • Linux Kernel 2.0.34

  • Linux Kernel 2.0.35

  • Linux Kernel 2.0.36

  • Linux Kernel 2.0.37

  • Linux Kernel 2.0.38

  • Linux Kernel 2.1

  • Linux Kernel 2.2.0

  • Linux Kernel 2.2.10

  • Linux Kernel 2.2.12

  • Linux Kernel 2.2.13

  • Linux Kernel 2.2.14

  • Linux Kernel 2.2.15

  • Linux Kernel 2.2.15 Pre20

  • Linux Kernel 2.2.16


References

BUGTRAQ - 20000609 Sendmail & procmail local root exploits on Linux kernel up to 2.2.16pre5

BID - 1322

REDHAT - RHSA-2000:037

BUGTRAQ - 20000608 CONECTIVA LINUX SECURITY ANNOUNCEMENT - kernel

BUGTRAQ - 20000609 Trustix Security Advisory

SGI - 20000802-01-P


Last Updated: 27 May 2016 10:35:44