Weekly Vulnerabilities Reports > September 25 to October 1, 2000

Overview

2 new vulnerabilities reported during this period, including 0 critical vulnerabilities and 1 high severity vulnerabilities. This weekly summary report vulnerabilities in 2 products from 2 vendors including Redhat, and LEE Mcloughlin. Vulnerabilities are notably categorized as .

  • 1 reported vulnerabilities are remotely exploitables.
  • 2 reported vulnerabilities are exploitable by an anonymous user.
  • Redhat has the most reported vulnerabilities, with 1 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

0 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS

1 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2000-09-30 CVE-2000-1207 Redhat Unspecified vulnerability in Redhat Linux

userhelper in the usermode package on Red Hat Linux executes non-setuid programs as root, which does not activate the security measures in glibc and allows the programs to be exploited via format string vulnerabilities in glibc via the LANG or LC_ALL environment variables (CVE-2000-0844).

7.2

1 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2000-09-28 CVE-2000-0354 LEE Mcloughlin Unspecified vulnerability in LEE Mcloughlin Mirror 2.9

mirror 2.8.x in Linux systems allows remote attackers to create files one level above the local target directory.

5.0

0 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS