Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2000-0312

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2000-0312
Last Modified 05 Sep 2008 04:20:40
Published 12 Mar 2001 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2000-0312

Summary

cron in OpenBSD 2.5 allows local users to gain root privileges via an argv[] that is not NULL terminated, which is passed to cron's fake popen function.

Vulnerable Systems

Operating System

  • Openbsd 2.5


References

OPENBSD - 19990830 In cron(8), make sure argv[] is NULL terminated in the fake popen() and run sendmail as the user, not as root.


Last Updated: 27 May 2016 10:35:40