Vulnerabilities > CVE-2000-0993

CVSS 7.2 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

local

low complexity

freebsd

netbsd

openbsd

exploit available

NVD

Published: 2000-12-19

Updated: 2017-10-10

Summary

Format string vulnerability in pw_error function in BSD libutil library allows local users to gain root privileges via a malformed password in commands such as chpass or passwd.

Vulnerable Configurations

Part	Description	Count
OS	Freebsd Freebsd Freebsd 3.2 Freebsd Freebsd 3.3 Freebsd Freebsd 3.4 Freebsd Freebsd 3.5 Freebsd Freebsd 4.0	5
OS	Netbsd Netbsd Netbsd 1.4 Netbsd Netbsd 1.4.1 Netbsd Netbsd 1.4.2	3
OS	Openbsd Openbsd Openbsd 2.3 Openbsd Openbsd 2.4 Openbsd Openbsd 2.5 Openbsd Openbsd 2.6 Openbsd Openbsd 2.7	5

Exploit-Db

description	BSD chpass (pw_error(3)) Local Root Exploit. CVE-2000-0993. Local exploit for bsd platform
id	EDB-ID:243
last seen	2016-01-31
modified	2001-01-12
published	2001-01-12
reporter	caddis
source	https://www.exploit-db.com/download/243/
title	BSD chpass pw_error3 Local Root Exploit

Vulnerabilities > CVE-2000-0993 {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"CVE-2000-0993"}]}

Summary

Vulnerable Configurations

Exploit-Db

References

Vulnerabilities > CVE-2000-0993