CVE-2000-0506

The "capabilities" feature in Linux before 2.2.16 allows local users to cause a denial of service or gain privileges by setting the capabilities to prevent a setuid program from dropping privileges, aka the "Linux kernel setuid/setcap vulnerability."

CVSS v2.0 10.0 HIGH

10.0^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
ftp://sgigate.sgi.com/security/20000802-01-P
http://archives.neohapsis.com/archives/bugtraq/2000-06/0062.html
http://archives.neohapsis.com/archives/bugtraq/2000-06/0063.html
http://www.redhat.com/support/errata/RHSA-2000-037.html
http://www.securityfocus.com/bid/1322
http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.LNX.4.21.0006090852340.3475-300000%40alfa.elzabsoft.pl

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel:2.0:::::::*
	cpe:2.3:o:linux:linux_kernel:2.0.30:::::::*
	cpe:2.3:o:linux:linux_kernel:2.0.33:::::::*
	cpe:2.3:o:linux:linux_kernel:2.0.34:::::::*
	cpe:2.3:o:linux:linux_kernel:2.0.35:::::::*
	cpe:2.3:o:linux:linux_kernel:2.0.36:::::::*
	cpe:2.3:o:linux:linux_kernel:2.0.37:::::::*
	cpe:2.3:o:linux:linux_kernel:2.0.38:::::::*
	cpe:2.3:o:linux:linux_kernel:2.1:::::::*
	cpe:2.3:o:linux:linux_kernel:2.2.0:::::::*
	cpe:2.3:o:linux:linux_kernel:2.2.10:::::::*
	cpe:2.3:o:linux:linux_kernel:2.2.12:::::::*
	cpe:2.3:o:linux:linux_kernel:2.2.13:::::::*
	cpe:2.3:o:linux:linux_kernel:2.2.14:::::::*
	cpe:2.3:o:linux:linux_kernel:2.2.15:::::::*
	cpe:2.3:o:linux:linux_kernel:2.2.15:pre16::::::
	cpe:2.3:o:linux:linux_kernel:2.2.15_pre20:::::::*
	cpe:2.3:o:linux:linux_kernel:2.2.16:::::::*
	cpe:2.3:o:linux:linux_kernel:2.2.16:pre5::::::

History

07 Nov 2023, 01:55

Type	Values Removed	Values Added
References	{'url': 'http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.LNX.4.21.0006090852340.3475-300000@alfa.elzabsoft.pl', 'name': '20000609 Sendmail & procmail local root exploits on Linux kernel up to 2.2.16pre5', 'tags': ['Exploit', 'Vendor Advisory'], 'refsource': 'BUGTRAQ'}	() http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.LNX.4.21.0006090852340.3475-300000%40alfa.elzabsoft.pl -

Information

Published : 2000-06-09 04:00

Updated : 2023-12-10 10:17

NVD link : CVE-2000-0506

Mitre link : CVE-2000-0506

CVE.ORG link : CVE-2000-0506

JSON object : View

Products Affected

linux

linux_kernel

CWE

NVD-CWE-Other

10.0 /10