Vulnerabilities > CVE-2000-0378 - Unspecified vulnerability in Redhat Linux 6.0/6.1/6.2

047910
CVSS 7.2 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
local
low complexity
redhat
exploit available

Summary

The pam_console PAM module in Linux systems performs a chown on various devices upon a user login, but an open file descriptor for those devices can be maintained after the user logs out, which allows that user to sniff activity on these devices when subsequent users log in.

Vulnerable Configurations

Part Description Count
OS
Redhat
3

Exploit-Db

descriptionRedHat Linux 6.0/6.1/6.2 pam_console Vulnerability. CVE-2000-0378. Local exploit for linux platform
idEDB-ID:19900
last seen2016-02-02
modified2000-05-03
published2000-05-03
reporterMichal Zalewski
sourcehttps://www.exploit-db.com/download/19900/
titleRedHat Linux 6.0/6.1/6.2 pam_console Vulnerability