CVE-2000-0666 - Remote Format String vulnerability in Multiple Linux Vendor rpc.statd

CVSS 10.0 - CRITICAL

  • Attack vector: NETWORK
  • Attack complexity: LOW
  • Privileges required: NONE
  • Confidentiality impact: COMPLETE
  • Integrity impact: COMPLETE
  • Availability impact: COMPLETE

network, low complexity, conectiva, debian, redhat, suse, trustix, critical, nessus, exploit available

Summary

rpc.statd in the nfs-utils package in various Linux distributions does not properly cleanse untrusted format strings, which allows remote attackers to gain root privileges.

Exploit-Db

  • description: Conectiva 4.x/5.x,Debian 2.x,RedHat 6.x,S.u.S.E 6.x/7.0,Trustix 1.x rpc.statd Remote Format String (1). CVE-2000-0666. Remote exploit for linux platform
    id: EDB-ID:20075
    last seen: 2016-02-02
    modified: 2000-07-16
    published: 2000-07-16
    reporter: drow
    source: https://www.exploit-db.com/download/20075/
    title: Conectiva 4.x/5.x,Debian 2.x,RedHat 6.x,S.u.S.E 6.x/7.0,Trustix 1.x rpc.statd Remote Format String 1
  • description: Conectiva 4.x/5.x,Debian 2.x,RedHat 6.x,S.u.S.E 6.x/7.0,Trustix 1.x rpc.statd Remote Format String (2). CVE-2000-0666. Remote exploit for linux platform
    id: EDB-ID:20076
    last seen: 2016-02-02
    modified: 2000-08-01
    published: 2000-08-01
    reporter: Doing
    source: https://www.exploit-db.com/download/20076/
    title: Conectiva 4.x/5.x,Debian 2.x,RedHat 6.x,S.u.S.E 6.x/7.0,Trustix 1.x rpc.statd Remote Format String 2
  • description: Conectiva 4.x/5.x,Debian 2.x,RedHat 6.x,S.u.S.E 6.x/7.0,Trustix 1.x rpc.statd Remote Format String (3). CVE-2000-0666. Remote exploit for linux platform
    id: EDB-ID:20077
    last seen: 2016-02-02
    modified: 2000-08-03
    published: 2000-08-03
    reporter: ron1n
    source: https://www.exploit-db.com/download/20077/
    title: Conectiva 4.x/5.x,Debian 2.x,RedHat 6.x,S.u.S.E 6.x/7.0,Trustix 1.x rpc.statd Remote Format String 3

Nessus

  • NASL family: Mandriva Local Security Checks
    NASL id: MANDRAKE_MDKSA-2000-021.NASL
    description: A bug recently discovered in the nfs-utils package can theoretically be used for gaining remote root access. While there are currently no known exploits for this bug, we recommend upgrading to the latest version which fixes the bug.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 61819
    published: 2012-09-06
    reporter: This script is Copyright (C) 2012-2019 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/61819
    title: Mandrake Linux Security Advisory : nfs-utils (MDKSA-2000:021)
  • NASL family: RPC
    NASL id: STATD_FORMAT_STRING.NASL
    description: The remote statd service could be brought down with a format string attack - it now needs to be restarted manually. This means that an attacker may execute arbitrary code thanks to a bug in this daemon.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 10544
    published: 2000-11-10
    reporter: This script is Copyright (C) 2000-2018 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/10544
    title: Linux Multiple statd Packages Remote Format String
  • NASL family: Red Hat Local Security Checks
    NASL id: REDHAT_FIXES.NASL
    description: This plugin writes in the knowledge base the CVE ids that we know Red Hat enterprise Linux is not vulnerable to.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 12512
    published: 2004-07-06
    reporter: This script is Copyright (C) 2004-2011 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/12512
    title: Red Hat Enterprise Linux fixes

Redhat

  • advisories: rhsa
    id: RHSA-2000:043