Vulnerabilities > CVE-2000-0009 - Unspecified vulnerability in Nortel Optivity NET Architect 2.0

CVSS 7.2 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

local

low complexity

nortel

exploit available

NVD

Published: 1999-12-29

Updated: 2008-09-10

Summary

The bna_pass program in Optivity NETarchitect uses the PATH environmental variable for finding the "rm" program, which allows local users to execute arbitrary commands.

Vulnerable Configurations

Part	Description	Count
Application	Nortel Nortel Optivity NET Architect 2.0	1

Exploit-Db

description	Nortel Networks Optivity NETarchitect 2.0 PATH Vulnerability. CVE-2000-0009. Local exploits for multiple platform
id	EDB-ID:19704
last seen	2016-02-02
modified	1999-12-30
published	1999-12-30
reporter	Loneguard
source	https://www.exploit-db.com/download/19704/
title	Nortel Networks Optivity NETarchitect 2.0 PATH Vulnerability

References

http://www.securityfocus.com/bid/907