CVE-2000-0701

Severity

46%

Complexity

39%

Confidentiality

106%

The wrapper program in mailman 2.0beta3 and 2.0beta4 does not properly cleanse untrusted format strings, which allows local users to gain privileges.

The wrapper program in mailman 2.0beta3 and 2.0beta4 does not properly cleanse untrusted format strings, which allows local users to gain privileges.

CVSS 2.0 Base Score 4.6. CVSS Attack Vector: local. CVSS Attack Complexity: low. CVSS Vector: (AV:L/AC:L/Au:N/C:P/I:P/A:P).

Overview

First reported 24 years ago

2000-10-20 04:00:00

Last updated 16 years ago

2008-09-10 19:05:00

Affected Software

GNU Mailman 2.0 beta3

2.0

GNU Mailman 2.0 beta4

2.0

Conectiva Conectiva Linux 4.1

4.1

Conectiva Conectiva Linux 4.2

4.2

Conectiva Conectiva Linux 5.0

5.0

Conectiva Conectiva Linux 5.1

5.1

Red Hat Linux

References

20000802 CONECTIVA LINUX SECURITY ANNOUNCEMENT - mailman

Patch, Vendor Advisory

20000802 MDKSA-2000:030 - Linux-Mandrake not affected by mailman problem

Vendor Advisory

RHSA-2000:030

20000801 Advisory: mailman local compromise

Patch, Vendor Advisory

1539

Patch, Vendor Advisory

http://www.securityfocus.com/templates/archive.pike?list=1&[email protected]

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.