Vulnerabilities > CVE-2000-0666

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

nessus

exploit available

NVD

Published: 2000-07-16

Updated: 2018-05-03

Summary

rpc.statd in the nfs-utils package in various Linux distributions does not properly cleanse untrusted format strings, which allows remote attackers to gain root privileges.

Vulnerable Configurations

Part	Description	Count
OS	Conectiva Conectiva Linux 4.2 Conectiva Linux 4.1 Conectiva Linux 5.1 Conectiva Linux 4.0Es Conectiva Linux 5.0 Conectiva Linux 4.0	6
OS	Suse Suse Suse Linux 6.3 Suse Suse Linux 6.4 Suse Suse Linux 7.0	7
OS	Debian Debian Debian Linux 2.3 Debian Debian Linux 2.2	8
OS	Trustix Trustix Secure Linux 1.1 Trustix Secure Linux 1.0	2
OS	Redhat Redhat Linux 6.1 Redhat Linux 6.2 Redhat Linux 6.0	9

Exploit-Db

description	Conectiva 4.x/5.x,Debian 2.x,RedHat 6.x,S.u.S.E 6.x/7.0,Trustix 1.x rpc.statd Remote Format String (1). CVE-2000-0666. Remote exploit for linux platform
id	EDB-ID:20075
last seen	2016-02-02
modified	2000-07-16
published	2000-07-16
reporter	drow
source	https://www.exploit-db.com/download/20075/
title	Conectiva 4.x/5.x,Debian 2.x,RedHat 6.x,S.u.S.E 6.x/7.0,Trustix 1.x rpc.statd Remote Format String 1

description	Conectiva 4.x/5.x,Debian 2.x,RedHat 6.x,S.u.S.E 6.x/7.0,Trustix 1.x rpc.statd Remote Format String (2). CVE-2000-0666. Remote exploit for linux platform
id	EDB-ID:20076
last seen	2016-02-02
modified	2000-08-01
published	2000-08-01
reporter	Doing
source	https://www.exploit-db.com/download/20076/
title	Conectiva 4.x/5.x,Debian 2.x,RedHat 6.x,S.u.S.E 6.x/7.0,Trustix 1.x rpc.statd Remote Format String 2

description	Conectiva 4.x/5.x,Debian 2.x,RedHat 6.x,S.u.S.E 6.x/7.0,Trustix 1.x rpc.statd Remote Format String (3). CVE-2000-0666. Remote exploit for linux platform
id	EDB-ID:20077
last seen	2016-02-02
modified	2000-08-03
published	2000-08-03
reporter	ron1n
source	https://www.exploit-db.com/download/20077/
title	Conectiva 4.x/5.x,Debian 2.x,RedHat 6.x,S.u.S.E 6.x/7.0,Trustix 1.x rpc.statd Remote Format String 3

Nessus

NASL family	Mandriva Local Security Checks
NASL id	MANDRAKE_MDKSA-2000-021.NASL
description	A bug recently discovered in the nfs-utils package can theoretically be used for gaining remote root access. While there are currently no known exploits for this bug, we recommend upgrading to the latest version which fixes the bug.
last seen	2020-06-01
modified	2020-06-02
plugin id	61819
published	2012-09-06
reporter	This script is Copyright (C) 2012-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/61819
title	Mandrake Linux Security Advisory : nfs-utils (MDKSA-2000:021)

NASL family	RPC
NASL id	STATD_FORMAT_STRING.NASL
description	The remote statd service could be brought down with a format string attack - it now needs to be restarted manually. This means that an attacker may execute arbitrary code thanks to a bug in this daemon.
last seen	2020-06-01
modified	2020-06-02
plugin id	10544
published	2000-11-10
reporter	This script is Copyright (C) 2000-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/10544
title	Linux Multiple statd Packages Remote Format String

NASL family	Red Hat Local Security Checks
NASL id	REDHAT_FIXES.NASL
description	This plugin writes in the knowledge base the CVE ids that we know Red Hat enterprise Linux is not vulnerable to.
last seen	2020-06-01
modified	2020-06-02
plugin id	12512
published	2004-07-06
reporter	This script is Copyright (C) 2004-2011 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/12512
title	Red Hat Enterprise Linux fixes

Redhat

advisories

rhsa

id	RHSA-2000:043

References

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.