Описание
Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.
Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2000-0844
- https://exchange.xforce.ibmcloud.com/vulnerabilities/5176
- http://archives.neohapsis.com/archives/bugtraq/2000-08/0436.html
- http://archives.neohapsis.com/archives/bugtraq/2000-08/0457.html
- http://archives.neohapsis.com/archives/bugtraq/2000-10/0427.html
- http://archives.neohapsis.com/archives/tru64/2000-q4/0000.html
- http://www.calderasystems.com/support/security/advisories/CSSA-2000-030.0.txt
- http://www.debian.org/security/2000/20000902
- http://www.novell.com/linux/security/advisories/adv5_draht_glibc_txt.html
- http://www.redhat.com/support/errata/RHSA-2000-057.html
- http://www.securityfocus.com/bid/1634
- http://www.turbolinux.com/pipermail/tl-security-announce/2000-September/000020.html
EPSS
CVE ID
Связанные уязвимости
Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.
Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.
EPSS