Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2000-1010

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2000-1010
Last Modified 05 Sep 2008 04:22:25
Published 11 Dec 2000 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2000-1010

Summary

Format string vulnerability in talkd in OpenBSD and possibly other BSD-based OSes allows remote attackers to execute arbitrary commands via a user name that contains format characters.

Vulnerable Systems

Operating System

  • Openbsd 2.3

  • Openbsd 2.4

  • Openbsd 2.5

  • Openbsd 2.6

  • Openbsd 2.7

  • Redhat Linux 5.0

  • Redhat Linux 5.1

  • Redhat Linux 5.2


References

XF - linux-talkd-overwrite-root

BID - 1764

BUGTRAQ - 20001006 talkd [WAS: Re: OpenBSD Security Advisory]


Last Updated: 27 May 2016 10:35:58