Vulnerabilities > CVE-2000-0867
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Kernel logging daemon (klogd) in Linux does not properly cleanse user-injected format strings, which allows local users to gain root privileges by triggering malformed kernel messages.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 2 | |
OS | 4 | |
OS | 2 | |
OS | 1 | |
OS | 1 |
Nessus
NASL family | Mandriva Local Security Checks |
NASL id | MANDRAKE_MDKSA-2000-050.NASL |
description | A problem exists with the kernel logging daemon (klogd) in the sysklogd package. A |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 61840 |
published | 2012-09-06 |
reporter | This script is Copyright (C) 2012-2019 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/61840 |
title | Mandrake Linux Security Advisory : sysklogd (MDKSA-2000:050-1) |
Redhat
advisories |
|
References
- ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2000-032.0.txt
- http://archives.neohapsis.com/archives/bugtraq/2000-09/0193.html
- http://frontal2.mandriva.com/security/advisories?name=MDKSA-2000:050
- http://marc.info/?l=bugtraq&m=97726239017741&w=2
- http://www.novell.com/linux/security/advisories/adv9_draht_syslogd_txt.html
- http://www.osvdb.org/5824
- http://www.redhat.com/support/errata/RHSA-2000-061.html
- http://www.turbolinux.com/pipermail/tl-security-announce/2000-September/000023.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/5259