Vulnerabilities > CVE-2000-1202 - Unspecified vulnerability in IBM Http Server SSL Module Common 1.0

CVSS 7.2 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

local

low complexity

ibm

NVD

Published: 2001-08-31

Updated: 2017-12-19

Summary

ikeyman in IBM IBMHSSSB 1.0 sets the CLASSPATH environmental variable to include the user's own CLASSPATH directories before the system's directories, which allows a malicious local user to execute arbitrary code as root via a Trojan horse Ikeyman class.

Vulnerable Configurations

Part	Description	Count
Application	Ibm IBM Http Server SSL Module Common 1.0	1

References

http://www.securityfocus.com/archive/1/54073
http://www.securityfocus.com/bid/1092
https://exchange.xforce.ibmcloud.com/vulnerabilities/4235