Lumension® Endpoint Intelligence Center

Overview

Vulnerability Score: 7.2
CVE Id: CVE-2000-1134
Last Modified: 10 Sep 2008 03:06:40
Published: 09 Jan 2001 12:00:00
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE
Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE

CVE-2000-1134

Summary

Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing << redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via a symlink attack.

Vulnerable Systems

Operating System

  • Caldera Openlinux

  • Caldera Openlinux Edesktop 2.4

  • Caldera Openlinux Eserver 2.3

  • Conectiva Linux 4.0

  • Conectiva Linux 4.0es

  • Conectiva Linux 4.1

  • Conectiva Linux 4.2

  • Conectiva Linux 5.0

  • Conectiva Linux 5.1

  • Hp-ux 11.11

  • Mandrakesoft Mandrake Linux 6.0

  • Mandrakesoft Mandrake Linux 6.1

  • Mandrakesoft Mandrake Linux 7.0

  • Mandrakesoft Mandrake Linux 7.1

  • Mandrakesoft Mandrake Linux 7.2

  • Redhat Linux 5.2

  • Redhat Linux 6.0

  • Redhat Linux 6.1

  • Redhat Linux 6.2

  • Redhat Linux 6.2e

  • Suse Linux 7.0

Application

  • Immunix 6.2


References

CERT-VN - VU#10277

BID - 2006

FREEBSD - FreeBSD-SA-00:76

BID - 1926

BUGTRAQ - 20001128 /bin/sh creates insecure tmp files

REDHAT - RHSA-2000:121

REDHAT - RHSA-2000:117

MANDRAKE - MDKSA-2000:075

MANDRAKE - MDKSA-2000-069

DEBIAN - 20001111a

CALDERA - CSSA-2000-043.0

CALDERA - CSSA-2000-042.0

BUGTRAQ - 20001130 [ADV/EXP]: RH6.x root from bash /tmp vuln + MORE

CONECTIVA - CLSA-2000:354

CONECTIVA - CLA-2000:350

COMPAQ - SSRT1-41U

BUGTRAQ - 20001028 tcsh: unsafe tempfile in << redirects

SGI - 20011103-02-P


Last Updated: 27 May 2016 10:36:02