Vulnerabilities > CVE-2000-0666

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
conectiva
suse
debian
trustix
redhat
nessus
exploit available

Summary

rpc.statd in the nfs-utils package in various Linux distributions does not properly cleanse untrusted format strings, which allows remote attackers to gain root privileges.

Exploit-Db

  • descriptionConectiva 4.x/5.x,Debian 2.x,RedHat 6.x,S.u.S.E 6.x/7.0,Trustix 1.x rpc.statd Remote Format String (1). CVE-2000-0666. Remote exploit for linux platform
    idEDB-ID:20075
    last seen2016-02-02
    modified2000-07-16
    published2000-07-16
    reporterdrow
    sourcehttps://www.exploit-db.com/download/20075/
    titleConectiva 4.x/5.x,Debian 2.x,RedHat 6.x,S.u.S.E 6.x/7.0,Trustix 1.x rpc.statd Remote Format String 1
  • descriptionConectiva 4.x/5.x,Debian 2.x,RedHat 6.x,S.u.S.E 6.x/7.0,Trustix 1.x rpc.statd Remote Format String (2). CVE-2000-0666. Remote exploit for linux platform
    idEDB-ID:20076
    last seen2016-02-02
    modified2000-08-01
    published2000-08-01
    reporterDoing
    sourcehttps://www.exploit-db.com/download/20076/
    titleConectiva 4.x/5.x,Debian 2.x,RedHat 6.x,S.u.S.E 6.x/7.0,Trustix 1.x rpc.statd Remote Format String 2
  • descriptionConectiva 4.x/5.x,Debian 2.x,RedHat 6.x,S.u.S.E 6.x/7.0,Trustix 1.x rpc.statd Remote Format String (3). CVE-2000-0666. Remote exploit for linux platform
    idEDB-ID:20077
    last seen2016-02-02
    modified2000-08-03
    published2000-08-03
    reporterron1n
    sourcehttps://www.exploit-db.com/download/20077/
    titleConectiva 4.x/5.x,Debian 2.x,RedHat 6.x,S.u.S.E 6.x/7.0,Trustix 1.x rpc.statd Remote Format String 3

Nessus

  • NASL familyMandriva Local Security Checks
    NASL idMANDRAKE_MDKSA-2000-021.NASL
    descriptionA bug recently discovered in the nfs-utils package can theoretically be used for gaining remote root access. While there are currently no known exploits for this bug, we recommend upgrading to the latest version which fixes the bug.
    last seen2020-06-01
    modified2020-06-02
    plugin id61819
    published2012-09-06
    reporterThis script is Copyright (C) 2012-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/61819
    titleMandrake Linux Security Advisory : nfs-utils (MDKSA-2000:021)
  • NASL familyRPC
    NASL idSTATD_FORMAT_STRING.NASL
    descriptionThe remote statd service could be brought down with a format string attack - it now needs to be restarted manually. This means that an attacker may execute arbitrary code thanks to a bug in this daemon.
    last seen2020-06-01
    modified2020-06-02
    plugin id10544
    published2000-11-10
    reporterThis script is Copyright (C) 2000-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/10544
    titleLinux Multiple statd Packages Remote Format String
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT_FIXES.NASL
    descriptionThis plugin writes in the knowledge base the CVE ids that we know Red Hat enterprise Linux is not vulnerable to.
    last seen2020-06-01
    modified2020-06-02
    plugin id12512
    published2004-07-06
    reporterThis script is Copyright (C) 2004-2011 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/12512
    titleRed Hat Enterprise Linux fixes

Redhat

advisories
rhsa
idRHSA-2000:043