Vulnerabilities > CVE-2000-0393 - Unspecified vulnerability in KDE
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN kde
exploit available
Summary
The KDE kscd program does not drop privileges when executing a program specified in a user's SHELL environmental variable, which allows the user to gain privileges by specifying an alternate program to execute.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 4 |
Exploit-Db
| description | KDE 1.1/1.1.1/1.2/2.0 kscd SHELL Environmental Variable Vulnerability. CVE-2000-0393. Local exploit for linux platform |
| id | EDB-ID:19915 |
| last seen | 2016-02-02 |
| modified | 2000-05-16 |
| published | 2000-05-16 |
| reporter | Sebastian |
| source | https://www.exploit-db.com/download/19915/ |
| title | KDE 1.1/1.1.1/1.2/2.0 kscd SHELL Environmental Variable Vulnerability |
References
- http://archives.neohapsis.com/archives/bugtraq/2000-05/0172.html
- http://archives.neohapsis.com/archives/bugtraq/2000-05/0172.html
- http://www.novell.com/linux/security/advisories/suse_security_announce_50.html
- http://www.novell.com/linux/security/advisories/suse_security_announce_50.html
- http://www.securityfocus.com/bid/1206
- http://www.securityfocus.com/bid/1206