Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2000-0763

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2000-0763
Last Modified 05 Sep 2008 04:21:49
Published 20 Oct 2000 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2000-0763

Summary

xlockmore and xlockf do not properly cleanse user-injected format strings, which allows local users to gain root privileges via the -d option.

Vulnerable Systems

Application

  • David Bagley Xlock 4.16

  • David Bagley Xlock 4.16.1


References

BUGTRAQ - 20000816 xlock vulnerability

BID - 1585

DEBIAN - 20000816 xlockmore: possible shadow file compromise

FREEBSD - FreeBSD-SA-00:44.xlockmore

BUGTRAQ - 20000823 MDKSA-2000:038 - xlockmore update

BUGTRAQ - 20000817 Conectiva Linux Security Announcement - xlockmore


Last Updated: 27 May 2016 10:35:52