Vulnerabilities > CVE-2000-0378 - Unspecified vulnerability in Redhat Linux 6.0/6.1/6.2

CVSS 7.2 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

local

low complexity

redhat

exploit available

NVD

Published: 2000-05-03

Updated: 2008-09-10

Summary

The pam_console PAM module in Linux systems performs a chown on various devices upon a user login, but an open file descriptor for those devices can be maintained after the user logs out, which allows that user to sniff activity on these devices when subsequent users log in.

Vulnerable Configurations

Part	Description	Count
OS	Redhat Redhat Linux 6.0 Redhat Linux 6.1 Redhat Linux 6.2	3

Exploit-Db

description	RedHat Linux 6.0/6.1/6.2 pam_console Vulnerability. CVE-2000-0378. Local exploit for linux platform
id	EDB-ID:19900
last seen	2016-02-02
modified	2000-05-03
published	2000-05-03
reporter	Michal Zalewski
source	https://www.exploit-db.com/download/19900/
title	RedHat Linux 6.0/6.1/6.2 pam_console Vulnerability

Summary

Vulnerable Configurations

Exploit-Db

References