Vulnerabilities > CVE-2000-0172

047910
CVSS 7.2 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
local
low complexity
matt-kimball-and-roger-wolff
turbolinux
exploit available

Summary

The mtr program only uses a seteuid call when attempting to drop privileges, which could allow local users to gain root privileges.

Exploit-Db

descriptionMatt Kimball and Roger Wolff mtr 0.28/0.41,Turbolinux 3.5 b2/4.2/4.4/6.0 mtr Vulnerability.2. CVE-2000-0172. Local exploits for multiple platform
idEDB-ID:19796
last seen2016-02-02
modified2000-03-03
published2000-03-03
reporterBabcia Padlina
sourcehttps://www.exploit-db.com/download/19796/
titleMatt Kimball and Roger Wolff mtr 0.28/0.41 / Turbolinux 3.5 b2/4.2/4.4/6.0 mtr Vulnerability 2