CVE-2000-0844

Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.

Published : 2000-11-14 05:00 Updated : 2018-10-30 16:26

10.0
CVSS Score More info
Score 10.0 / 10
10.0
Vendor Product Version URI
Sgi Irix 6.5.2m cpe:/o:sgi:irix:6.5.2m
Redhat Linux 6.0 cpe:/o:redhat:linux:6.0
Redhat Linux 6.1 cpe:/o:redhat:linux:6.1
Redhat Linux 6.2 cpe:/o:redhat:linux:6.2
Ibm Aix 4.3 cpe:/o:ibm:aix:4.3
Ibm Aix 4.2 cpe:/o:ibm:aix:4.2
Ibm Aix 4.1 cpe:/o:ibm:aix:4.1
Ibm Aix 4.0 cpe:/o:ibm:aix:4.0
Caldera Openlinux Ebuilder 3.0 cpe:/a:caldera:openlinux_ebuilder:3.0
Mandrakesoft Mandrake Linux 7.1 cpe:/o:mandrakesoft:mandrake_linux:7.1
Caldera Openlinux Eserver 2.3 cpe:/o:caldera:openlinux_eserver:2.3
Conectiva Linux 4.0 cpe:/o:conectiva:linux:4.0
Conectiva Linux 4.1 cpe:/o:conectiva:linux:4.1
Mandrakesoft Mandrake Linux 7.0 cpe:/o:mandrakesoft:mandrake_linux:7.0
Suse Suse Linux 6.2 cpe:/o:suse:suse_linux:6.2
Suse Suse Linux 6.3 cpe:/o:suse:suse_linux:6.3
Slackware Slackware Linux 7.1 cpe:/o:slackware:slackware_linux:7.1
Ibm Aix 4.2.1 cpe:/o:ibm:aix:4.2.1
Conectiva Linux 5.1 cpe:/o:conectiva:linux:5.1
Ibm Aix 3.2.5 cpe:/o:ibm:aix:3.2.5
Ibm Aix 3.2.4 cpe:/o:ibm:aix:3.2.4
Caldera Openlinux cpe:/o:caldera:openlinux
Slackware Slackware Linux 7.0 cpe:/o:slackware:slackware_linux:7.0
Suse Suse Linux 6.1 cpe:/o:suse:suse_linux:6.1
Suse Suse Linux 6.4 cpe:/o:suse:suse_linux:6.4
Redhat Linux 5.1 cpe:/o:redhat:linux:5.1
Redhat Linux 5.2 cpe:/o:redhat:linux:5.2
Sgi Irix 6.2 cpe:/o:sgi:irix:6.2
Sgi Irix 6.3 cpe:/o:sgi:irix:6.3
Ibm Aix 3.2 cpe:/o:ibm:aix:3.2
Sun Solaris 2.6 cpe:/o:sun:solaris:2.6
Sgi Irix 6.5.8 cpe:/o:sgi:irix:6.5.8
Sgi Irix 6.5.7 cpe:/o:sgi:irix:6.5.7
Sgi Irix 6.5.6 cpe:/o:sgi:irix:6.5.6
Conectiva Linux 5.0 cpe:/o:conectiva:linux:5.0
Turbolinux Turbolinux 6.0.1 cpe:/o:turbolinux:turbolinux:6.0.1
Conectiva Linux 4.0es cpe:/o:conectiva:linux:4.0es
Sgi Irix 6.5.1 cpe:/o:sgi:irix:6.5.1
Turbolinux Turbolinux 6.0.3 cpe:/o:turbolinux:turbolinux:6.0.3
Sgi Irix 6.5.4 cpe:/o:sgi:irix:6.5.4
Turbolinux Turbolinux 6.0.2 cpe:/o:turbolinux:turbolinux:6.0.2
Sgi Irix 6.5.3 cpe:/o:sgi:irix:6.5.3
Turbolinux Turbolinux 6.0.4 cpe:/o:turbolinux:turbolinux:6.0.4
Debian Debian Linux 2.2 cpe:/o:debian:debian_linux:2.2
Turbolinux Turbolinux 6.0 cpe:/o:turbolinux:turbolinux:6.0
Ibm Aix 4.1.4 cpe:/o:ibm:aix:4.1.4
Ibm Aix 4.3.2 cpe:/o:ibm:aix:4.3.2
Debian Debian Linux 2.1 cpe:/o:debian:debian_linux:2.1
Ibm Aix 4.1.3 cpe:/o:ibm:aix:4.1.3
Ibm Aix 4.3.1 cpe:/o:ibm:aix:4.3.1
Debian Debian Linux 2.0 cpe:/o:debian:debian_linux:2.0
Debian Debian Linux 2.3 cpe:/o:debian:debian_linux:2.3
Ibm Aix 4.1.5 cpe:/o:ibm:aix:4.1.5
Sgi Irix 6.5.3f cpe:/o:sgi:irix:6.5.3f
Ibm Aix 4.1.2 cpe:/o:ibm:aix:4.1.2
Ibm Aix 4.1.1 cpe:/o:ibm:aix:4.1.1
Conectiva Linux 4.2 cpe:/o:conectiva:linux:4.2
Trustix Secure Linux 1.0 cpe:/o:trustix:secure_linux:1.0
Sgi Irix 6.4 cpe:/o:sgi:irix:6.4
Sgi Irix 6.5 cpe:/o:sgi:irix:6.5
Trustix Secure Linux 1.1 cpe:/o:trustix:secure_linux:1.1
Immunix Immunix 6.2 cpe:/a:immunix:immunix:6.2
Redhat Linux 5.0 cpe:/o:redhat:linux:5.0
Suse Suse Linux 7.0 cpe:/o:suse:suse_linux:7.0
Sgi Irix 6.5.3m cpe:/o:sgi:irix:6.5.3m
Sun Sunos 5.0 cpe:/o:sun:sunos:5.0
Sun Sunos 5.1 cpe:/o:sun:sunos:5.1
Sun Sunos 5.2 cpe:/o:sun:sunos:5.2
Sun Sunos 5.3 cpe:/o:sun:sunos:5.3
Sun Sunos 5.4 cpe:/o:sun:sunos:5.4
Sun Sunos 5.5 cpe:/o:sun:sunos:5.5
Sun Sunos 5.5.1 cpe:/o:sun:sunos:5.5.1
Sun Sunos 5.7 cpe:/o:sun:sunos:5.7
Sun Sunos 5.8 cpe:/o:sun:sunos:5.8
  1. Ibm (1) Search CVE
    1. Aix (15) Search CVE
      1. 4.3
      2. 4.2
      3. 4.1
      4. 4.0
      5. 4.2.1
      6. 3.2.5
      7. 3.2.4
      8. 3.2
      9. 4.1.4
      10. 4.3.2
      11. 4.1.3
      12. 4.3.1
      13. 4.1.5
      14. 4.1.2
      15. 4.1.1
  2. Sgi (1) Search CVE
    1. Irix (13) Search CVE
      1. 6.5.2m
      2. 6.2
      3. 6.3
      4. 6.5.8
      5. 6.5.7
      6. 6.5.6
      7. 6.5.1
      8. 6.5.4
      9. 6.5.3
      10. 6.5.3f
      11. 6.4
      12. 6.5
      13. 6.5.3m
  3. Suse (1) Search CVE
    1. Suse Linux (5) Search CVE
      1. 6.2
      2. 6.3
      3. 6.1
      4. 6.4
      5. 7.0
  4. Sun (2) Search CVE
    1. Sunos (9) Search CVE
      1. 5.0
      2. 5.1
      3. 5.2
      4. 5.3
      5. 5.4
      6. 5.5
      7. 5.5.1
      8. 5.7
      9. 5.8
    2. Solaris (1) Search CVE
      1. 2.6
  5. Turbolinux (1) Search CVE
    1. Turbolinux (5) Search CVE
      1. 6.0.1
      2. 6.0.3
      3. 6.0.2
      4. 6.0.4
      5. 6.0
  6. Redhat (1) Search CVE
    1. Linux (6) Search CVE
      1. 6.0
      2. 6.1
      3. 6.2
      4. 5.1
      5. 5.2
      6. 5.0
  7. Slackware (1) Search CVE
    1. Slackware Linux (2) Search CVE
      1. 7.1
      2. 7.0
  8. Trustix (1) Search CVE
    1. Secure Linux (2) Search CVE
      1. 1.0
      2. 1.1
  9. Immunix (1) Search CVE
    1. Immunix (1) Search CVE
      1. 6.2
  10. Caldera (3) Search CVE
    1. Openlinux (1) Search CVE
    2. Openlinux Ebuilder (1) Search CVE
      1. 3.0
    3. Openlinux Eserver (1) Search CVE
      1. 2.3
  11. Conectiva (1) Search CVE
    1. Linux (6) Search CVE
      1. 4.0
      2. 4.1
      3. 5.1
      4. 5.0
      5. 4.0es
      6. 4.2
  12. Mandrakesoft (1) Search CVE
    1. Mandrake Linux (2) Search CVE
      1. 7.1
      2. 7.0
  13. Debian (1) Search CVE
    1. Debian Linux (4) Search CVE
      1. 2.2
      2. 2.1
      3. 2.0
      4. 2.3

CWE

ID Name Description Links
CWE-264 Permissions, Privileges, and Access Controls Weaknesses in this category are related to the management of permissions, privileges, and other security features that are used to perform access control. CVE

History of changes

Date Event
2018-10-30 16:26
2017-10-10 05:32
2000-11-14 05:00

New CVE