Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2000-1043

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2000-1043
Last Modified 05 Sep 2008 04:22:30
Published 11 Dec 2000 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2000-1043

Summary

Format string vulnerability in ypserv in Mandrake Linux 7.1 and earlier, and possibly other Linux operating systems, allows an attacker to gain root privileges when ypserv is built without a vsyslog() function.

Vulnerable Systems

Operating System

  • Mandrakesoft Mandrake Linux 6.1

  • Mandrakesoft Mandrake Linux 7.0

  • Mandrakesoft Mandrake Linux 7.1


References

MANDRAKE - MDKSA-2000:064

XF - linux-ypserv-format-string


Last Updated: 27 May 2016 10:35:59