Intelligence Center » Browse All Vulnerabilities » CVE-2000-0844
Overview |
|
Vulnerability Score | ![]() |
CVE Id | CVE-2000-0844 |
Last Modified | 20 Jan 2009 12:00:00 |
Published | 14 Nov 2000 12:00:00 |
Confidentiality Impact | ![]() |
Integrity Impact | ![]() |
Availability Impact | ![]() |
Access Vector | NETWORK |
Access Complexity | LOW |
Authentication | NONE |

CVE-2000-0844
Summary
Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.
Vulnerable Systems
Operating System
Caldera Openlinux
Caldera Openlinux Eserver 2.3
Conectiva Linux 4.0
Conectiva Linux 4.0es
Conectiva Linux 4.1
Conectiva Linux 4.2
Conectiva Linux 5.0
Conectiva Linux 5.1
Debian Linux 2.0
Debian Linux 2.1
Debian Linux 2.2
Debian Linux 2.3
Ibm Aix 3.2
Ibm Aix 3.2.4
Ibm Aix 3.2.5
Ibm Aix 4.0
Ibm Aix 4.1
Ibm Aix 4.1.1
Ibm Aix 4.1.2
Ibm Aix 4.1.3
Ibm Aix 4.1.4
Ibm Aix 4.1.5
Ibm Aix 4.2
Ibm Aix 4.2.1
Ibm Aix 4.3
Ibm Aix 4.3.1
Ibm Aix 4.3.2
Mandrakesoft Mandrake Linux 7.0
Mandrakesoft Mandrake Linux 7.1
Redhat Linux 5.0
Redhat Linux 5.1
Redhat Linux 5.2
Redhat Linux 6.0
Redhat Linux 6.1
Redhat Linux 6.2
Sgi Irix 6.2
Sgi Irix 6.3
Sgi Irix 6.4
Sgi Irix 6.5
Sgi Irix 6.5.1
Sgi Irix 6.5.2m
Sgi Irix 6.5.3
Sgi Irix 6.5.3f
Sgi Irix 6.5.3m
Sgi Irix 6.5.4
Sgi Irix 6.5.6
Sgi Irix 6.5.7
Sgi Irix 6.5.8
Slackware Linux 7.0
Slackware Linux 7.1
Sun Solaris 2.0
Sun Solaris 2.1
Sun Solaris 2.2
Sun Solaris 2.3
Sun Solaris 2.4
Sun Solaris 2.5
Sun Solaris 2.5.1
Sun Solaris 2.6
Sun Solaris 7.0
Sun Solaris 8.0
Suse Linux 6.1
Suse Linux 6.2
Suse Linux 6.3
Suse Linux 6.4
Suse Linux 7.0
Trustix Secure Linux 1.0
Trustix Secure Linux 1.1
Turbolinux 6.0
Turbolinux 6.0.1
Turbolinux 6.0.2
Turbolinux 6.0.3
Turbolinux 6.0.4
Application
Caldera Openlinux Ebuilder 3.0
Immunix 6.2
References
BID - 1634
BUGTRAQ - 20000904 UNIX locale format string vulnerability
XF - unix-locale-format-string(5176)
REDHAT - RHSA-2000:057
SUSE - 20000906 glibc locale security problem
DEBIAN - 20000902 glibc: local root exploit
CALDERA - CSSA-2000-030.0
COMPAQ - SSRT0689U
AIXAPAR - IY13753
BUGTRAQ - 20000902 Conectiva Linux Security Announcement - glibc
SGI - 20000901-01-P
Last Updated: 27 May 2016 10:35:54