exploitDog

CVE-2000-1009

Опубликовано: 11 дек. 2000

Источник: nvd

CVSS2: 7.2

EPSS Низкий

Описание

dump in Red Hat Linux 6.2 trusts the pathname specified by the RSH environmental variable, which allows local users to obtain root privileges by modifying the RSH variable to point to a Trojan horse program.

Ссылки

http://archives.neohapsis.com/archives/bugtraq/2000-10/0438.html
http://www.securityfocus.com/bid/1871
Exploit
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/5437
http://archives.neohapsis.com/archives/bugtraq/2000-10/0438.html
http://www.securityfocus.com/bid/1871
Exploit
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/5437

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:redhat:linux:6.2:*:*:*:*:*:*:*

cpe:2.3:o:trustix:secure_linux:1.1:*:*:*:*:*:*:*

EPSS

Процентиль: 56%

0.0034

Низкий

7.2 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-jph8-qvmw-2p95

github

почти 4 года назад

dump in Red Hat Linux 6.2 trusts the pathname specified by the RSH environmental variable, which allows local users to obtain root privileges by modifying the RSH variable to point to a Trojan horse program.

EPSS

Процентиль: 56%

0.0034

Низкий

7.2 High

CVSS2

Дефекты

NVD-CWE-Other