Vulnerabilities > CVE-2000-0867

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

nessus

NVD

Published: 2000-11-14

Updated: 2018-05-03

Summary

Kernel logging daemon (klogd) in Linux does not properly cleanse user-injected format strings, which allows local users to gain root privileges by triggering malformed kernel messages.

Vulnerable Configurations

Part	Description	Count
OS	Trustix Trustix Secure Linux 1.1	1
OS	Mandrakesoft Mandrakesoft Mandrake Linux 7.0 Mandrakesoft Mandrake Linux 7.1 Mandrakesoft Mandrake Linux 6.0 Mandrakesoft Mandrake Linux 6.1	4
OS	Redhat Redhat Linux 6.2 Redhat Linux 5.2	2
OS	Debian Debian Debian Linux 2.1 Debian Debian Linux 2.2	2
OS	Slackware Slackware Slackware Linux *	1

Nessus

NASL family	Mandriva Local Security Checks
NASL id	MANDRAKE_MDKSA-2000-050.NASL
description	A problem exists with the kernel logging daemon (klogd) in the sysklogd package. A
last seen	2020-06-01
modified	2020-06-02
plugin id	61840
published	2012-09-06
reporter	This script is Copyright (C) 2012-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/61840
title	Mandrake Linux Security Advisory : sysklogd (MDKSA-2000:050-1)

Redhat

advisories

rhsa

id	RHSA-2000:061

References

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.