Vulnerabilities > CVE-2000-0800 - Unspecified vulnerability in Suse Linux

CVSS 10.0 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

low complexity

suse

critical

nessus

NVD

Published: 2000-10-20

Updated: 2008-09-10

Summary

String parsing error in rpc.kstatd in the linuxnfs or knfsd packages in SuSE and possibly other Linux systems allows remote attackers to gain root privileges.

Vulnerable Configurations

Part	Description	Count
OS	Suse Suse Suse Linux 6.1 Suse Suse Linux 6.2 Suse Suse Linux 6.3 Suse Suse Linux 6.4	9

Nessus

NASL family	RPC
NASL id	STATD_FORMAT_STRING.NASL
description	The remote statd service could be brought down with a format string attack - it now needs to be restarted manually. This means that an attacker may execute arbitrary code thanks to a bug in this daemon.
last seen	2020-06-01
modified	2020-06-02
plugin id	10544
published	2000-11-10
reporter	This script is Copyright (C) 2000-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/10544
title	Linux Multiple statd Packages Remote Format String

References

http://www.novell.com/linux/security/advisories/suse_security_announce_58.html