Vulnerabilities > CVE-2000-0118

047910
CVSS 7.2 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
local
low complexity
redhat
sun
exploit available
NVD
Published: 1999-06-09
Updated: 2018-10-30

Summary

The Red Hat Linux su program does not log failed password guesses if the su process is killed before it times out, which allows local attackers to conduct brute force password guessing.

Vulnerable Configurations

Part Description Count
OS
Redhat
17
OS
Sun
13

Exploit-Db

descriptionRedHat Linux 5.2 i386/6.0 No Logging Vulnerability. CVE-2000-0118. Local exploit for linux platform
idEDB-ID:19255
last seen2016-02-02
modified1999-06-09
published1999-06-09
reporterTani Hosokawa
sourcehttps://www.exploit-db.com/download/19255/
titleRedHat Linux 5.2 i386/6.0 No Logging Vulnerability

References