Vulnerabilities > CVE-2000-0009 - Unspecified vulnerability in Nortel Optivity NET Architect 2.0

047910
CVSS 7.2 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
local
low complexity
nortel
exploit available

Summary

The bna_pass program in Optivity NETarchitect uses the PATH environmental variable for finding the "rm" program, which allows local users to execute arbitrary commands.

Vulnerable Configurations

Part Description Count
Application
Nortel
1

Exploit-Db

descriptionNortel Networks Optivity NETarchitect 2.0 PATH Vulnerability. CVE-2000-0009. Local exploits for multiple platform
idEDB-ID:19704
last seen2016-02-02
modified1999-12-30
published1999-12-30
reporterLoneguard
sourcehttps://www.exploit-db.com/download/19704/
titleNortel Networks Optivity NETarchitect 2.0 PATH Vulnerability