cvelistv5 - cve-2000-0844

CVE-2000-0844 (GCVE-0-2000-0844)

Vulnerability from cvelistv5 – Published: 2001-01-22 05:00 – Updated: 2024-08-08 05:37

Summary

Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://www.redhat.com/support/errata/RHSA-2000-057.html	vendor-advisoryx_refsource_REDHAT
	http://www.novell.com/linux/security/advisories/a…	vendor-advisoryx_refsource_SUSE
	http://archives.neohapsis.com/archives/bugtraq/20…	mailing-listx_refsource_BUGTRAQ
	http://archives.neohapsis.com/archives/tru64/2000…	vendor-advisoryx_refsource_COMPAQ
	http://www.turbolinux.com/pipermail/tl-security-a…	vendor-advisoryx_refsource_TURBO
	http://www.debian.org/security/2000/20000902	vendor-advisoryx_refsource_DEBIAN
	http://archives.neohapsis.com/archives/bugtraq/20…	mailing-listx_refsource_BUGTRAQ
	http://archives.neohapsis.com/archives/bugtraq/20…	vendor-advisoryx_refsource_AIXAPAR
	http://www.securityfocus.com/bid/1634	vdb-entryx_refsource_BID
	http://www.calderasystems.com/support/security/ad…	vendor-advisoryx_refsource_CALDERA
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	ftp://patches.sgi.com/support/free/security/advis…	vendor-advisoryx_refsource_SGI

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T05:37:30.623Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2000:057",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2000-057.html"
          },
          {
            "name": "20000906 glibc locale security problem",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/adv5_draht_glibc_txt.html"
          },
          {
            "name": "20000902 Conectiva Linux Security Announcement - glibc",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0436.html"
          },
          {
            "name": "SSRT0689U",
            "tags": [
              "vendor-advisory",
              "x_refsource_COMPAQ",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/tru64/2000-q4/0000.html"
          },
          {
            "name": "TLSA2000020-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_TURBO",
              "x_transferred"
            ],
            "url": "http://www.turbolinux.com/pipermail/tl-security-announce/2000-September/000020.html"
          },
          {
            "name": "20000902 glibc: local root exploit",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2000/20000902"
          },
          {
            "name": "20000904 UNIX locale format string vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0457.html"
          },
          {
            "name": "IY13753",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0427.html"
          },
          {
            "name": "1634",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/1634"
          },
          {
            "name": "CSSA-2000-030.0",
            "tags": [
              "vendor-advisory",
              "x_refsource_CALDERA",
              "x_transferred"
            ],
            "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-030.0.txt"
          },
          {
            "name": "unix-locale-format-string(5176)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5176"
          },
          {
            "name": "20000901-01-P",
            "tags": [
              "vendor-advisory",
              "x_refsource_SGI",
              "x_transferred"
            ],
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20000901-01-P"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2000-09-04T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Some functions that implement the locale subsystem on Unix do not  properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2004-09-02T09:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "RHSA-2000:057",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2000-057.html"
        },
        {
          "name": "20000906 glibc locale security problem",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/adv5_draht_glibc_txt.html"
        },
        {
          "name": "20000902 Conectiva Linux Security Announcement - glibc",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0436.html"
        },
        {
          "name": "SSRT0689U",
          "tags": [
            "vendor-advisory",
            "x_refsource_COMPAQ"
          ],
          "url": "http://archives.neohapsis.com/archives/tru64/2000-q4/0000.html"
        },
        {
          "name": "TLSA2000020-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_TURBO"
          ],
          "url": "http://www.turbolinux.com/pipermail/tl-security-announce/2000-September/000020.html"
        },
        {
          "name": "20000902 glibc: local root exploit",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2000/20000902"
        },
        {
          "name": "20000904 UNIX locale format string vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0457.html"
        },
        {
          "name": "IY13753",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0427.html"
        },
        {
          "name": "1634",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/1634"
        },
        {
          "name": "CSSA-2000-030.0",
          "tags": [
            "vendor-advisory",
            "x_refsource_CALDERA"
          ],
          "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-030.0.txt"
        },
        {
          "name": "unix-locale-format-string(5176)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5176"
        },
        {
          "name": "20000901-01-P",
          "tags": [
            "vendor-advisory",
            "x_refsource_SGI"
          ],
          "url": "ftp://patches.sgi.com/support/free/security/advisories/20000901-01-P"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2000-0844",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Some functions that implement the locale subsystem on Unix do not  properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "RHSA-2000:057",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2000-057.html"
            },
            {
              "name": "20000906 glibc locale security problem",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/adv5_draht_glibc_txt.html"
            },
            {
              "name": "20000902 Conectiva Linux Security Announcement - glibc",
              "refsource": "BUGTRAQ",
              "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0436.html"
            },
            {
              "name": "SSRT0689U",
              "refsource": "COMPAQ",
              "url": "http://archives.neohapsis.com/archives/tru64/2000-q4/0000.html"
            },
            {
              "name": "TLSA2000020-1",
              "refsource": "TURBO",
              "url": "http://www.turbolinux.com/pipermail/tl-security-announce/2000-September/000020.html"
            },
            {
              "name": "20000902 glibc: local root exploit",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2000/20000902"
            },
            {
              "name": "20000904 UNIX locale format string vulnerability",
              "refsource": "BUGTRAQ",
              "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0457.html"
            },
            {
              "name": "IY13753",
              "refsource": "AIXAPAR",
              "url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0427.html"
            },
            {
              "name": "1634",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/1634"
            },
            {
              "name": "CSSA-2000-030.0",
              "refsource": "CALDERA",
              "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-030.0.txt"
            },
            {
              "name": "unix-locale-format-string(5176)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5176"
            },
            {
              "name": "20000901-01-P",
              "refsource": "SGI",
              "url": "ftp://patches.sgi.com/support/free/security/advisories/20000901-01-P"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2000-0844",
    "datePublished": "2001-01-22T05:00:00",
    "dateReserved": "2000-10-18T00:00:00",
    "dateUpdated": "2024-08-08T05:37:30.623Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:caldera:openlinux_ebuilder:3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E02719FF-924A-4E96-AE1D-5994A8D4275E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:immunix:immunix:6.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DB0F79BE-8EBF-44D8-83A1-9331669BED54\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:conectiva:linux:4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"48F068BE-F5B3-4E43-8E6A-24AB4D2DEDF0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:conectiva:linux:4.0es:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6529EC98-7CF7-47A1-95BB-2F34066FE95D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:conectiva:linux:4.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FFDAB801-AAA0-4B3B-B488-52E7BA8650C5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:conectiva:linux:4.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"612AC3B1-8E55-437F-9600-67EA1A8BAD48\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:conectiva:linux:5.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"537A5C29-D770-4755-A6AB-8916754E14DB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:conectiva:linux:5.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E3AC05A9-04DA-4ED3-94D8-3254384CB724\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:sgi:irix:6.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0ECE564D-B4BB-4C05-88CC-CDC3F8E4E366\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:sgi:irix:6.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B2D59247-56FA-46B4-BB51-2DAE71AFC145\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:sgi:irix:6.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"15BE08F8-5F3F-45DB-BFE0-1F6F2F57A4D4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:sgi:irix:6.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C30D6962-3DBB-4DF8-A04F-8E47AFEDCF99\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:sgi:irix:6.5.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"36B60E50-4F5A-4404-BEA3-C94F7D27B156\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:sgi:irix:6.5.2m:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"772E3C7E-9947-414F-8642-18653BB048E0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:sgi:irix:6.5.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E6B2E6D1-8C2D-4E15-A6BB-E4FE878ED1E7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:sgi:irix:6.5.3f:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8D51EC29-8836-4F87-ABF8-FF7530DECBB1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:sgi:irix:6.5.3m:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"518B7253-7B0F-4A0A-ADA7-F3E3B5AAF877\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:sgi:irix:6.5.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"440B7208-34DB-4898-8461-4E703F7EDFB7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:sgi:irix:6.5.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D07AA144-6FD7-4C80-B4F2-D21C1AFC864A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:sgi:irix:6.5.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"29113D8E-9618-4A0E-9157-678332082858\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:sgi:irix:6.5.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"313613E9-4837-433C-90EE-84A92E8D24E5\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:caldera:openlinux:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4EC3F7E5-5D49-471B-A705-ADD2642E5B46\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:caldera:openlinux_eserver:2.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3BE526D3-4CD8-423C-81FA-65B92F862A5E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"203BDD63-2FA5-42FD-A9CD-6BDBB41A63C4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:2.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3C67BDA1-9451-4026-AC6D-E912C882A757\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:2.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"58B90124-0543-4226-BFF4-13CCCBCCB243\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:2.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"618111F3-6608-47F0-AB0D-21547E342871\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:ibm:aix:3.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DD5E0678-45C7-492A-963C-897494D6878F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:ibm:aix:3.2.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E55C28A7-CD21-47CD-AA50-E8B2D89A18E8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:ibm:aix:3.2.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D3C00FC9-AD97-4226-A0EA-7DB14AA592DE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:ibm:aix:4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"44C6203A-D05B-47B1-8BC2-BA021EBAFDEB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:ibm:aix:4.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FBF25306-E7C2-4F9A-A809-4779A6C0A079\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:ibm:aix:4.1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B3BA7775-30F2-4CA0-BA6E-70ED12A48D90\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:ibm:aix:4.1.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FB038A89-1CA6-4313-B7CE-56C894945FFD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:ibm:aix:4.1.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2B3BC86F-5718-4232-BFFF-6244A7C09B8F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:ibm:aix:4.1.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E6118CC1-6E51-4E1B-8F58-43B337515222\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:ibm:aix:4.1.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F3D3B348-270F-4209-B31A-2B40F5E4A601\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:ibm:aix:4.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"05F20EC2-ADE6-4F96-A2E7-1DCCA819D657\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:ibm:aix:4.2.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"91D7C561-4D23-430B-A7D8-137E52B08FF5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:ibm:aix:4.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"11ACD012-F05F-45CD-A170-96CBAA42FFE4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:ibm:aix:4.3.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"55919E74-09E7-44BA-9941-D1B69BB1692F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:ibm:aix:4.3.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"45F3C5D8-8BC3-44EB-917A-D0BA051D3D9D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:mandrakesoft:mandrake_linux:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E4853E92-5E0A-47B9-A343-D5BEE87D2C27\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3EC1FF5D-5EAB-44D5-B281-770547C70D68\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:linux:5.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4BF54738-3C44-4FD4-AA9C-CAB2E86B1DC1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:linux:5.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4EF44364-0F57-4B74-81B0-501EA6B58501\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:linux:5.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A8EED385-8C39-4A40-A507-2EFE7652FB35\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:linux:6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2DFA94D5-0139-490C-8257-0751FE9FBAE4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:linux:6.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2EC4D3AB-38FA-4D44-AF5C-2DCD15994E76\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:linux:6.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0633B5A6-7A88-4A96-9462-4C09D124ED36\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:slackware:slackware_linux:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C2A9C005-4392-4C95-9B92-98EEC73EFE73\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:slackware:slackware_linux:7.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F0297F56-5F41-48FD-AB47-36E3BD2AB7E7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:sun:solaris:2.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"34EBF074-78C8-41AF-88F1-DA6726E56F8B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:sun:sunos:5.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C1370216-93EB-400F-9AA6-CB2DC316DAA7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:sun:sunos:5.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5FF2C7C4-6F8D-40DB-9FBC-E7E4D76A2B23\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:sun:sunos:5.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"84523B48-218B-45F4-9C04-2C103612DCB2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:sun:sunos:5.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C7A22D21-E0A9-4B56-86C7-805AD1A610D6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:sun:sunos:5.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7AAC8954-74A8-4FE3-ABE7-57DA041D9D8F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:sun:sunos:5.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5B72953B-E873-4E44-A3CF-12D770A0D416\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:sun:sunos:5.5.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"39F847DB-65A9-47DA-BCFA-A179E5E2301A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"08003947-A4F1-44AC-84C6-9F8D097EB759\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A2475113-CFE4-41C8-A86F-F2DA6548D224\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:suse:suse_linux:6.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"124E1802-7984-45ED-8A92-393FC20662FD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:suse:suse_linux:6.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1B67020A-6942-4478-B501-764147C4970D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:suse:suse_linux:6.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0AD0FF64-05DF-48C2-9BB5-FD993121FB2E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:suse:suse_linux:6.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7786607A-362E-4817-A17E-C76D6A1F737D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:suse:suse_linux:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C9E7D75A-333E-4C63-9593-F64ABA5D1CE3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:trustix:secure_linux:1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8DF1A678-FEF1-4549-8EDC-518444CFC57F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:trustix:secure_linux:1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9D0DFB12-B43F-4207-A900-464A97F5124D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:turbolinux:turbolinux:6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"981A0654-C17D-48BB-A8B3-A728CB159C33\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:turbolinux:turbolinux:6.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2AA8956D-F533-42BA-A06B-7CDB0A267B2F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:turbolinux:turbolinux:6.0.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C6619B49-8A89-4600-A47F-A39C8BF54259\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:turbolinux:turbolinux:6.0.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A0AA1204-D181-4E1C-B795-159FC57E86A9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:turbolinux:turbolinux:6.0.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"24740C11-59D0-4071-97BD-8BF7084FC1FC\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Some functions that implement the locale subsystem on Unix do not  properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.\"}]",
      "id": "CVE-2000-0844",
      "lastModified": "2024-11-20T23:33:24.120",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:C/I:C/A:C\", \"baseScore\": 10.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": true, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2000-11-14T05:00:00.000",
      "references": "[{\"url\": \"ftp://patches.sgi.com/support/free/security/advisories/20000901-01-P\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://archives.neohapsis.com/archives/bugtraq/2000-08/0436.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://archives.neohapsis.com/archives/bugtraq/2000-08/0457.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\", \"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://archives.neohapsis.com/archives/bugtraq/2000-10/0427.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://archives.neohapsis.com/archives/tru64/2000-q4/0000.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.calderasystems.com/support/security/advisories/CSSA-2000-030.0.txt\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.debian.org/security/2000/20000902\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.novell.com/linux/security/advisories/adv5_draht_glibc_txt.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2000-057.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/1634\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\", \"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.turbolinux.com/pipermail/tl-security-announce/2000-September/000020.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/5176\", \"source\": \"cve@mitre.org\"}, {\"url\": \"ftp://patches.sgi.com/support/free/security/advisories/20000901-01-P\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://archives.neohapsis.com/archives/bugtraq/2000-08/0436.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://archives.neohapsis.com/archives/bugtraq/2000-08/0457.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://archives.neohapsis.com/archives/bugtraq/2000-10/0427.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://archives.neohapsis.com/archives/tru64/2000-q4/0000.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.calderasystems.com/support/security/advisories/CSSA-2000-030.0.txt\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.debian.org/security/2000/20000902\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.novell.com/linux/security/advisories/adv5_draht_glibc_txt.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2000-057.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/1634\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.turbolinux.com/pipermail/tl-security-announce/2000-September/000020.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/5176\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-264\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2000-0844\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2000-11-14T05:00:00.000\",\"lastModified\":\"2025-04-03T01:03:51.193\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Some functions that implement the locale subsystem on Unix do not  properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":10.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":true,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-264\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:caldera:openlinux_ebuilder:3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E02719FF-924A-4E96-AE1D-5994A8D4275E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:immunix:immunix:6.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB0F79BE-8EBF-44D8-83A1-9331669BED54\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:conectiva:linux:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"48F068BE-F5B3-4E43-8E6A-24AB4D2DEDF0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:conectiva:linux:4.0es:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6529EC98-7CF7-47A1-95BB-2F34066FE95D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:conectiva:linux:4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FFDAB801-AAA0-4B3B-B488-52E7BA8650C5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:conectiva:linux:4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"612AC3B1-8E55-437F-9600-67EA1A8BAD48\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:conectiva:linux:5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"537A5C29-D770-4755-A6AB-8916754E14DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:conectiva:linux:5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E3AC05A9-04DA-4ED3-94D8-3254384CB724\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sgi:irix:6.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0ECE564D-B4BB-4C05-88CC-CDC3F8E4E366\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sgi:irix:6.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B2D59247-56FA-46B4-BB51-2DAE71AFC145\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sgi:irix:6.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"15BE08F8-5F3F-45DB-BFE0-1F6F2F57A4D4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sgi:irix:6.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C30D6962-3DBB-4DF8-A04F-8E47AFEDCF99\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sgi:irix:6.5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"36B60E50-4F5A-4404-BEA3-C94F7D27B156\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sgi:irix:6.5.2m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"772E3C7E-9947-414F-8642-18653BB048E0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sgi:irix:6.5.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E6B2E6D1-8C2D-4E15-A6BB-E4FE878ED1E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sgi:irix:6.5.3f:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8D51EC29-8836-4F87-ABF8-FF7530DECBB1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sgi:irix:6.5.3m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"518B7253-7B0F-4A0A-ADA7-F3E3B5AAF877\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sgi:irix:6.5.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"440B7208-34DB-4898-8461-4E703F7EDFB7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sgi:irix:6.5.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D07AA144-6FD7-4C80-B4F2-D21C1AFC864A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sgi:irix:6.5.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"29113D8E-9618-4A0E-9157-678332082858\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sgi:irix:6.5.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"313613E9-4837-433C-90EE-84A92E8D24E5\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:caldera:openlinux:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4EC3F7E5-5D49-471B-A705-ADD2642E5B46\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:caldera:openlinux_eserver:2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3BE526D3-4CD8-423C-81FA-65B92F862A5E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"203BDD63-2FA5-42FD-A9CD-6BDBB41A63C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C67BDA1-9451-4026-AC6D-E912C882A757\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"58B90124-0543-4226-BFF4-13CCCBCCB243\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"618111F3-6608-47F0-AB0D-21547E342871\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ibm:aix:3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DD5E0678-45C7-492A-963C-897494D6878F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ibm:aix:3.2.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E55C28A7-CD21-47CD-AA50-E8B2D89A18E8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ibm:aix:3.2.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3C00FC9-AD97-4226-A0EA-7DB14AA592DE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ibm:aix:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"44C6203A-D05B-47B1-8BC2-BA021EBAFDEB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ibm:aix:4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FBF25306-E7C2-4F9A-A809-4779A6C0A079\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ibm:aix:4.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B3BA7775-30F2-4CA0-BA6E-70ED12A48D90\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ibm:aix:4.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FB038A89-1CA6-4313-B7CE-56C894945FFD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ibm:aix:4.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2B3BC86F-5718-4232-BFFF-6244A7C09B8F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ibm:aix:4.1.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E6118CC1-6E51-4E1B-8F58-43B337515222\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ibm:aix:4.1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F3D3B348-270F-4209-B31A-2B40F5E4A601\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ibm:aix:4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"05F20EC2-ADE6-4F96-A2E7-1DCCA819D657\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ibm:aix:4.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"91D7C561-4D23-430B-A7D8-137E52B08FF5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ibm:aix:4.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"11ACD012-F05F-45CD-A170-96CBAA42FFE4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ibm:aix:4.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"55919E74-09E7-44BA-9941-D1B69BB1692F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ibm:aix:4.3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"45F3C5D8-8BC3-44EB-917A-D0BA051D3D9D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:mandrakesoft:mandrake_linux:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E4853E92-5E0A-47B9-A343-D5BEE87D2C27\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3EC1FF5D-5EAB-44D5-B281-770547C70D68\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:linux:5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4BF54738-3C44-4FD4-AA9C-CAB2E86B1DC1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:linux:5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4EF44364-0F57-4B74-81B0-501EA6B58501\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:linux:5.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A8EED385-8C39-4A40-A507-2EFE7652FB35\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:linux:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2DFA94D5-0139-490C-8257-0751FE9FBAE4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:linux:6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2EC4D3AB-38FA-4D44-AF5C-2DCD15994E76\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:linux:6.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0633B5A6-7A88-4A96-9462-4C09D124ED36\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:slackware:slackware_linux:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C2A9C005-4392-4C95-9B92-98EEC73EFE73\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:slackware:slackware_linux:7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F0297F56-5F41-48FD-AB47-36E3BD2AB7E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sun:solaris:2.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"34EBF074-78C8-41AF-88F1-DA6726E56F8B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sun:sunos:5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C1370216-93EB-400F-9AA6-CB2DC316DAA7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sun:sunos:5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5FF2C7C4-6F8D-40DB-9FBC-E7E4D76A2B23\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sun:sunos:5.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"84523B48-218B-45F4-9C04-2C103612DCB2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sun:sunos:5.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C7A22D21-E0A9-4B56-86C7-805AD1A610D6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sun:sunos:5.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7AAC8954-74A8-4FE3-ABE7-57DA041D9D8F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sun:sunos:5.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5B72953B-E873-4E44-A3CF-12D770A0D416\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sun:sunos:5.5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"39F847DB-65A9-47DA-BCFA-A179E5E2301A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"08003947-A4F1-44AC-84C6-9F8D097EB759\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2475113-CFE4-41C8-A86F-F2DA6548D224\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:suse_linux:6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"124E1802-7984-45ED-8A92-393FC20662FD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:suse_linux:6.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1B67020A-6942-4478-B501-764147C4970D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:suse_linux:6.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0AD0FF64-05DF-48C2-9BB5-FD993121FB2E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:suse_linux:6.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7786607A-362E-4817-A17E-C76D6A1F737D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:suse_linux:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C9E7D75A-333E-4C63-9593-F64ABA5D1CE3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:trustix:secure_linux:1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8DF1A678-FEF1-4549-8EDC-518444CFC57F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:trustix:secure_linux:1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D0DFB12-B43F-4207-A900-464A97F5124D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:turbolinux:turbolinux:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"981A0654-C17D-48BB-A8B3-A728CB159C33\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:turbolinux:turbolinux:6.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2AA8956D-F533-42BA-A06B-7CDB0A267B2F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:turbolinux:turbolinux:6.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C6619B49-8A89-4600-A47F-A39C8BF54259\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:turbolinux:turbolinux:6.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A0AA1204-D181-4E1C-B795-159FC57E86A9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:turbolinux:turbolinux:6.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"24740C11-59D0-4071-97BD-8BF7084FC1FC\"}]}]}],\"references\":[{\"url\":\"ftp://patches.sgi.com/support/free/security/advisories/20000901-01-P\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://archives.neohapsis.com/archives/bugtraq/2000-08/0436.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://archives.neohapsis.com/archives/bugtraq/2000-08/0457.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://archives.neohapsis.com/archives/bugtraq/2000-10/0427.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://archives.neohapsis.com/archives/tru64/2000-q4/0000.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.calderasystems.com/support/security/advisories/CSSA-2000-030.0.txt\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.debian.org/security/2000/20000902\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.novell.com/linux/security/advisories/adv5_draht_glibc_txt.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2000-057.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/1634\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.turbolinux.com/pipermail/tl-security-announce/2000-September/000020.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/5176\",\"source\":\"cve@mitre.org\"},{\"url\":\"ftp://patches.sgi.com/support/free/security/advisories/20000901-01-P\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://archives.neohapsis.com/archives/bugtraq/2000-08/0436.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://archives.neohapsis.com/archives/bugtraq/2000-08/0457.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://archives.neohapsis.com/archives/bugtraq/2000-10/0427.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://archives.neohapsis.com/archives/tru64/2000-q4/0000.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.calderasystems.com/support/security/advisories/CSSA-2000-030.0.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2000/20000902\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.novell.com/linux/security/advisories/adv5_draht_glibc_txt.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2000-057.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/1634\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.turbolinux.com/pipermail/tl-security-announce/2000-September/000020.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/5176\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

GHSA-R7P8-7W63-3M9V

Vulnerability from github – Published: 2022-05-03 03:06 – Updated: 2022-05-03 03:06

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2000-0844"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2000-11-14T05:00:00Z",
    "severity": "HIGH"
  },
  "details": "Some functions that implement the locale subsystem on Unix do not  properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.",
  "id": "GHSA-r7p8-7w63-3m9v",
  "modified": "2022-05-03T03:06:45Z",
  "published": "2022-05-03T03:06:45Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2000-0844"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5176"
    },
    {
      "type": "WEB",
      "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0436.html"
    },
    {
      "type": "WEB",
      "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0457.html"
    },
    {
      "type": "WEB",
      "url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0427.html"
    },
    {
      "type": "WEB",
      "url": "http://archives.neohapsis.com/archives/tru64/2000-q4/0000.html"
    },
    {
      "type": "WEB",
      "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-030.0.txt"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2000/20000902"
    },
    {
      "type": "WEB",
      "url": "http://www.novell.com/linux/security/advisories/adv5_draht_glibc_txt.html"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2000-057.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/1634"
    },
    {
      "type": "WEB",
      "url": "http://www.turbolinux.com/pipermail/tl-security-announce/2000-September/000020.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GSD-2000-0844

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2000-0844

Aliases

CVE-2000-0844

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2000-0844",
    "description": "Some functions that implement the locale subsystem on Unix do not  properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.",
    "id": "GSD-2000-0844",
    "references": [
      "https://www.debian.org/security/2000/20000902"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2000-0844"
      ],
      "details": "Some functions that implement the locale subsystem on Unix do not  properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.",
      "id": "GSD-2000-0844",
      "modified": "2023-12-13T01:19:03.099358Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2000-0844",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Some functions that implement the locale subsystem on Unix do not  properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "RHSA-2000:057",
            "refsource": "REDHAT",
            "url": "http://www.redhat.com/support/errata/RHSA-2000-057.html"
          },
          {
            "name": "20000906 glibc locale security problem",
            "refsource": "SUSE",
            "url": "http://www.novell.com/linux/security/advisories/adv5_draht_glibc_txt.html"
          },
          {
            "name": "20000902 Conectiva Linux Security Announcement - glibc",
            "refsource": "BUGTRAQ",
            "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0436.html"
          },
          {
            "name": "SSRT0689U",
            "refsource": "COMPAQ",
            "url": "http://archives.neohapsis.com/archives/tru64/2000-q4/0000.html"
          },
          {
            "name": "TLSA2000020-1",
            "refsource": "TURBO",
            "url": "http://www.turbolinux.com/pipermail/tl-security-announce/2000-September/000020.html"
          },
          {
            "name": "20000902 glibc: local root exploit",
            "refsource": "DEBIAN",
            "url": "http://www.debian.org/security/2000/20000902"
          },
          {
            "name": "20000904 UNIX locale format string vulnerability",
            "refsource": "BUGTRAQ",
            "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0457.html"
          },
          {
            "name": "IY13753",
            "refsource": "AIXAPAR",
            "url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0427.html"
          },
          {
            "name": "1634",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/1634"
          },
          {
            "name": "CSSA-2000-030.0",
            "refsource": "CALDERA",
            "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-030.0.txt"
          },
          {
            "name": "unix-locale-format-string(5176)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5176"
          },
          {
            "name": "20000901-01-P",
            "refsource": "SGI",
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20000901-01-P"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:conectiva:linux:4.0es:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:conectiva:linux:4.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:sgi:irix:6.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.2m:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:conectiva:linux:4.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:conectiva:linux:5.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.3f:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:immunix:immunix:6.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:conectiva:linux:4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:sgi:irix:6.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:sgi:irix:6.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:caldera:openlinux_ebuilder:3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:conectiva:linux:5.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:sgi:irix:6.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.3m:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:caldera:openlinux:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:caldera:openlinux_eserver:2.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:ibm:aix:3.2.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:ibm:aix:4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:ibm:aix:4.2.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:ibm:aix:4.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:linux:5.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:linux:6.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:sun:sunos:5.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:sun:sunos:5.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:suse:suse_linux:6.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:suse:suse_linux:6.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:turbolinux:turbolinux:6.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:debian:debian_linux:2.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:debian:debian_linux:2.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:ibm:aix:4.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:ibm:aix:4.1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:ibm:aix:4.1.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:slackware:slackware_linux:7.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:slackware:slackware_linux:7.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:sun:solaris:2.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:trustix:secure_linux:1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:trustix:secure_linux:1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:ibm:aix:3.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:ibm:aix:3.2.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:ibm:aix:4.1.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:ibm:aix:4.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:linux:5.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:linux:5.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:sun:sunos:5.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:sun:sunos:5.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:suse:suse_linux:6.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:turbolinux:turbolinux:6.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:turbolinux:turbolinux:6.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:turbolinux:turbolinux:6.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:debian:debian_linux:2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:debian:debian_linux:2.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:ibm:aix:4.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:ibm:aix:4.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:ibm:aix:4.3.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:ibm:aix:4.3.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:linux:6.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:linux:6.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:sun:sunos:5.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:sun:sunos:5.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:sun:sunos:5.5.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:suse:suse_linux:6.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:suse:suse_linux:7.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:turbolinux:turbolinux:6.0.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2000-0844"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Some functions that implement the locale subsystem on Unix do not  properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-264"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1634",
              "refsource": "BID",
              "tags": [
                "Exploit",
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://www.securityfocus.com/bid/1634"
            },
            {
              "name": "20000904 UNIX locale format string vulnerability",
              "refsource": "BUGTRAQ",
              "tags": [
                "Exploit",
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0457.html"
            },
            {
              "name": "20000902 glibc: local root exploit",
              "refsource": "DEBIAN",
              "tags": [],
              "url": "http://www.debian.org/security/2000/20000902"
            },
            {
              "name": "CSSA-2000-030.0",
              "refsource": "CALDERA",
              "tags": [],
              "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-030.0.txt"
            },
            {
              "name": "RHSA-2000:057",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://www.redhat.com/support/errata/RHSA-2000-057.html"
            },
            {
              "name": "20000906 glibc locale security problem",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://www.novell.com/linux/security/advisories/adv5_draht_glibc_txt.html"
            },
            {
              "name": "TLSA2000020-1",
              "refsource": "TURBO",
              "tags": [],
              "url": "http://www.turbolinux.com/pipermail/tl-security-announce/2000-September/000020.html"
            },
            {
              "name": "IY13753",
              "refsource": "AIXAPAR",
              "tags": [],
              "url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0427.html"
            },
            {
              "name": "SSRT0689U",
              "refsource": "COMPAQ",
              "tags": [],
              "url": "http://archives.neohapsis.com/archives/tru64/2000-q4/0000.html"
            },
            {
              "name": "20000901-01-P",
              "refsource": "SGI",
              "tags": [],
              "url": "ftp://patches.sgi.com/support/free/security/advisories/20000901-01-P"
            },
            {
              "name": "20000902 Conectiva Linux Security Announcement - glibc",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0436.html"
            },
            {
              "name": "unix-locale-format-string(5176)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5176"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 10.0,
          "obtainAllPrivilege": true,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2018-10-30T16:26Z",
      "publishedDate": "2000-11-14T05:00Z"
    }
  }
}

FKIE_CVE-2000-0844

Vulnerability from fkie_nvd - Published: 2000-11-14 05:00 - Updated: 2025-04-03 01:03

Severity ?

Summary

References

URL	Tags
cve@mitre.org	ftp://patches.sgi.com/support/free/security/advisories/20000901-01-P
cve@mitre.org	http://archives.neohapsis.com/archives/bugtraq/2000-08/0436.html
cve@mitre.org	http://archives.neohapsis.com/archives/bugtraq/2000-08/0457.html	Exploit, Patch, Vendor Advisory
cve@mitre.org	http://archives.neohapsis.com/archives/bugtraq/2000-10/0427.html
cve@mitre.org	http://archives.neohapsis.com/archives/tru64/2000-q4/0000.html
cve@mitre.org	http://www.calderasystems.com/support/security/advisories/CSSA-2000-030.0.txt
cve@mitre.org	http://www.debian.org/security/2000/20000902
cve@mitre.org	http://www.novell.com/linux/security/advisories/adv5_draht_glibc_txt.html
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2000-057.html
cve@mitre.org	http://www.securityfocus.com/bid/1634	Exploit, Patch, Vendor Advisory
cve@mitre.org	http://www.turbolinux.com/pipermail/tl-security-announce/2000-September/000020.html
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/5176
af854a3a-2127-422b-91ae-364da2661108	ftp://patches.sgi.com/support/free/security/advisories/20000901-01-P
af854a3a-2127-422b-91ae-364da2661108	http://archives.neohapsis.com/archives/bugtraq/2000-08/0436.html
af854a3a-2127-422b-91ae-364da2661108	http://archives.neohapsis.com/archives/bugtraq/2000-08/0457.html	Exploit, Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://archives.neohapsis.com/archives/bugtraq/2000-10/0427.html
af854a3a-2127-422b-91ae-364da2661108	http://archives.neohapsis.com/archives/tru64/2000-q4/0000.html
af854a3a-2127-422b-91ae-364da2661108	http://www.calderasystems.com/support/security/advisories/CSSA-2000-030.0.txt
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2000/20000902
af854a3a-2127-422b-91ae-364da2661108	http://www.novell.com/linux/security/advisories/adv5_draht_glibc_txt.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2000-057.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/1634	Exploit, Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.turbolinux.com/pipermail/tl-security-announce/2000-September/000020.html
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/5176

Impacted products

Vendor	Product	Version
caldera	openlinux_ebuilder	3.0
immunix	immunix	6.2
conectiva	linux	4.0
conectiva	linux	4.0es
conectiva	linux	4.1
conectiva	linux	4.2
conectiva	linux	5.0
conectiva	linux	5.1
sgi	irix	6.2
sgi	irix	6.3
sgi	irix	6.4
sgi	irix	6.5
sgi	irix	6.5.1
sgi	irix	6.5.2m
sgi	irix	6.5.3
sgi	irix	6.5.3f
sgi	irix	6.5.3m
sgi	irix	6.5.4
sgi	irix	6.5.6
sgi	irix	6.5.7
sgi	irix	6.5.8
caldera	openlinux	*
caldera	openlinux_eserver	2.3
debian	debian_linux	2.0
debian	debian_linux	2.1
debian	debian_linux	2.2
debian	debian_linux	2.3
ibm	aix	3.2
ibm	aix	3.2.4
ibm	aix	3.2.5
ibm	aix	4.0
ibm	aix	4.1
ibm	aix	4.1.1
ibm	aix	4.1.2
ibm	aix	4.1.3
ibm	aix	4.1.4
ibm	aix	4.1.5
ibm	aix	4.2
ibm	aix	4.2.1
ibm	aix	4.3
ibm	aix	4.3.1
ibm	aix	4.3.2
mandrakesoft	mandrake_linux	7.0
mandrakesoft	mandrake_linux	7.1
redhat	linux	5.0
redhat	linux	5.1
redhat	linux	5.2
redhat	linux	6.0
redhat	linux	6.1
redhat	linux	6.2
slackware	slackware_linux	7.0
slackware	slackware_linux	7.1
sun	solaris	2.6
sun	sunos	5.0
sun	sunos	5.1
sun	sunos	5.2
sun	sunos	5.3
sun	sunos	5.4
sun	sunos	5.5
sun	sunos	5.5.1
sun	sunos	5.7
sun	sunos	5.8
suse	suse_linux	6.1
suse	suse_linux	6.2
suse	suse_linux	6.3
suse	suse_linux	6.4
suse	suse_linux	7.0
trustix	secure_linux	1.0
trustix	secure_linux	1.1
turbolinux	turbolinux	6.0
turbolinux	turbolinux	6.0.1
turbolinux	turbolinux	6.0.2
turbolinux	turbolinux	6.0.3
turbolinux	turbolinux	6.0.4

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:caldera:openlinux_ebuilder:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E02719FF-924A-4E96-AE1D-5994A8D4275E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:immunix:immunix:6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB0F79BE-8EBF-44D8-83A1-9331669BED54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:conectiva:linux:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "48F068BE-F5B3-4E43-8E6A-24AB4D2DEDF0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:conectiva:linux:4.0es:*:*:*:*:*:*:*",
              "matchCriteriaId": "6529EC98-7CF7-47A1-95BB-2F34066FE95D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:conectiva:linux:4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFDAB801-AAA0-4B3B-B488-52E7BA8650C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:conectiva:linux:4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "612AC3B1-8E55-437F-9600-67EA1A8BAD48",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:conectiva:linux:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "537A5C29-D770-4755-A6AB-8916754E14DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:conectiva:linux:5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3AC05A9-04DA-4ED3-94D8-3254384CB724",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0ECE564D-B4BB-4C05-88CC-CDC3F8E4E366",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2D59247-56FA-46B4-BB51-2DAE71AFC145",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "15BE08F8-5F3F-45DB-BFE0-1F6F2F57A4D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "C30D6962-3DBB-4DF8-A04F-8E47AFEDCF99",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "36B60E50-4F5A-4404-BEA3-C94F7D27B156",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.2m:*:*:*:*:*:*:*",
              "matchCriteriaId": "772E3C7E-9947-414F-8642-18653BB048E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6B2E6D1-8C2D-4E15-A6BB-E4FE878ED1E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.3f:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D51EC29-8836-4F87-ABF8-FF7530DECBB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.3m:*:*:*:*:*:*:*",
              "matchCriteriaId": "518B7253-7B0F-4A0A-ADA7-F3E3B5AAF877",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "440B7208-34DB-4898-8461-4E703F7EDFB7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "D07AA144-6FD7-4C80-B4F2-D21C1AFC864A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "29113D8E-9618-4A0E-9157-678332082858",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "313613E9-4837-433C-90EE-84A92E8D24E5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:caldera:openlinux:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EC3F7E5-5D49-471B-A705-ADD2642E5B46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:caldera:openlinux_eserver:2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3BE526D3-4CD8-423C-81FA-65B92F862A5E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "203BDD63-2FA5-42FD-A9CD-6BDBB41A63C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C67BDA1-9451-4026-AC6D-E912C882A757",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "58B90124-0543-4226-BFF4-13CCCBCCB243",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "618111F3-6608-47F0-AB0D-21547E342871",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:aix:3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD5E0678-45C7-492A-963C-897494D6878F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:aix:3.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "E55C28A7-CD21-47CD-AA50-E8B2D89A18E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:aix:3.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3C00FC9-AD97-4226-A0EA-7DB14AA592DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:aix:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "44C6203A-D05B-47B1-8BC2-BA021EBAFDEB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:aix:4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBF25306-E7C2-4F9A-A809-4779A6C0A079",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:aix:4.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3BA7775-30F2-4CA0-BA6E-70ED12A48D90",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:aix:4.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB038A89-1CA6-4313-B7CE-56C894945FFD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:aix:4.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B3BC86F-5718-4232-BFFF-6244A7C09B8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:aix:4.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6118CC1-6E51-4E1B-8F58-43B337515222",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:aix:4.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3D3B348-270F-4209-B31A-2B40F5E4A601",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:aix:4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "05F20EC2-ADE6-4F96-A2E7-1DCCA819D657",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:aix:4.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "91D7C561-4D23-430B-A7D8-137E52B08FF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:aix:4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "11ACD012-F05F-45CD-A170-96CBAA42FFE4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:aix:4.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "55919E74-09E7-44BA-9941-D1B69BB1692F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ibm:aix:4.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "45F3C5D8-8BC3-44EB-917A-D0BA051D3D9D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4853E92-5E0A-47B9-A343-D5BEE87D2C27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3EC1FF5D-5EAB-44D5-B281-770547C70D68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4BF54738-3C44-4FD4-AA9C-CAB2E86B1DC1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EF44364-0F57-4B74-81B0-501EA6B58501",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8EED385-8C39-4A40-A507-2EFE7652FB35",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DFA94D5-0139-490C-8257-0751FE9FBAE4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2EC4D3AB-38FA-4D44-AF5C-2DCD15994E76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0633B5A6-7A88-4A96-9462-4C09D124ED36",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:slackware:slackware_linux:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2A9C005-4392-4C95-9B92-98EEC73EFE73",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:slackware:slackware_linux:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0297F56-5F41-48FD-AB47-36E3BD2AB7E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sun:solaris:2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "34EBF074-78C8-41AF-88F1-DA6726E56F8B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sun:sunos:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1370216-93EB-400F-9AA6-CB2DC316DAA7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sun:sunos:5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5FF2C7C4-6F8D-40DB-9FBC-E7E4D76A2B23",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sun:sunos:5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "84523B48-218B-45F4-9C04-2C103612DCB2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sun:sunos:5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7A22D21-E0A9-4B56-86C7-805AD1A610D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sun:sunos:5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "7AAC8954-74A8-4FE3-ABE7-57DA041D9D8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sun:sunos:5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B72953B-E873-4E44-A3CF-12D770A0D416",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sun:sunos:5.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "39F847DB-65A9-47DA-BCFA-A179E5E2301A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "08003947-A4F1-44AC-84C6-9F8D097EB759",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2475113-CFE4-41C8-A86F-F2DA6548D224",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "124E1802-7984-45ED-8A92-393FC20662FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B67020A-6942-4478-B501-764147C4970D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0AD0FF64-05DF-48C2-9BB5-FD993121FB2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "7786607A-362E-4817-A17E-C76D6A1F737D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9E7D75A-333E-4C63-9593-F64ABA5D1CE3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:trustix:secure_linux:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DF1A678-FEF1-4549-8EDC-518444CFC57F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:trustix:secure_linux:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D0DFB12-B43F-4207-A900-464A97F5124D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "981A0654-C17D-48BB-A8B3-A728CB159C33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux:6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AA8956D-F533-42BA-A06B-7CDB0A267B2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux:6.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6619B49-8A89-4600-A47F-A39C8BF54259",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux:6.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0AA1204-D181-4E1C-B795-159FC57E86A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux:6.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "24740C11-59D0-4071-97BD-8BF7084FC1FC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Some functions that implement the locale subsystem on Unix do not  properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen."
    }
  ],
  "id": "CVE-2000-0844",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2000-11-14T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20000901-01-P"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0436.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0457.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0427.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://archives.neohapsis.com/archives/tru64/2000-q4/0000.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-030.0.txt"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2000/20000902"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.novell.com/linux/security/advisories/adv5_draht_glibc_txt.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2000-057.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/1634"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.turbolinux.com/pipermail/tl-security-announce/2000-September/000020.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5176"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20000901-01-P"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0436.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0457.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0427.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://archives.neohapsis.com/archives/tru64/2000-q4/0000.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-030.0.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2000/20000902"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/linux/security/advisories/adv5_draht_glibc_txt.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2000-057.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/1634"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.turbolinux.com/pipermail/tl-security-announce/2000-September/000020.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5176"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2000-0844 (GCVE-0-2000-0844)

GHSA-R7P8-7W63-3M9V

GSD-2000-0844

FKIE_CVE-2000-0844

Tags

Sightings

Nomenclature