Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
History
No history.
Information
Published : 2000-11-14 05:00
Updated : 2024-02-28 10:24
NVD link : CVE-2000-0844
Mitre link : CVE-2000-0844
CVE.ORG link : CVE-2000-0844
JSON object : View
Products Affected
caldera
- openlinux_eserver
- openlinux
- openlinux_ebuilder
slackware
- slackware_linux
turbolinux
- turbolinux
mandrakesoft
- mandrake_linux
immunix
- immunix
ibm
- aix
redhat
- linux
suse
- suse_linux
conectiva
- linux
sun
- sunos
- solaris
sgi
- irix
debian
- debian_linux
trustix
- secure_linux
CWE
CWE-264
Permissions, Privileges, and Access Controls