Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2000-1040

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2000-1040
Last Modified 10 Sep 2008 03:06:26
Published 11 Dec 2000 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2000-1040

Summary

Format string vulnerability in logging function of ypbind 3.3, while running in debug mode, leaks file descriptors and allows an attacker to cause a denial of service.

Vulnerable Systems

Operating System

  • Suse Linux 6.2

  • Suse Linux 6.3

  • Suse Linux 6.4

  • Suse Linux 7.0


References

BID - 1820

XF - ypbind-printf-format-string

REDHAT - RHSA-2000:086

MANDRAKE - MDKSA-2000:064

DEBIAN - 20001014 nis: local exploit

CALDERA - CSSA-2000-039.0

SUSE - SuSE-SA:2000:042

BUGTRAQ - 20001030 Trustix Security Advisory - ping gnupg ypbind

BUGTRAQ - 20001025 Immunix OS Security Update for ypbind package


Last Updated: 27 May 2016 10:35:59