Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2000-1207

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2000-1207
Last Modified 05 Sep 2008 04:22:55
Published 30 Sep 2000 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2000-1207

Summary

userhelper in the usermode package on Red Hat Linux executes non-setuid programs as root, which does not activate the security measures in glibc and allows the programs to be exploited via format string vulnerabilities in glibc via the LANG or LC_ALL environment variables (CVE-2000-0844).

Vulnerable Systems

Operating System

  • Redhat Linux


References

REDHAT - RHSA-2000:075

MANDRAKE - MDKSA-2000:059

BUGTRAQ - 20000930 glibc and userhelper - local root

BUGTRAQ - 20001003 SuSE: userhelper/usermode


Last Updated: 27 May 2016 10:36:04