CVE-2000-0026
published 1999-12-21CVE-2000-0026: Buffer overflow in UnixWare i2odialogd daemon allows remote attackers to gain root access via a long username/password authorization string.
PriorityP342critical10CVSS 2.0
AVNACLAuNCCICAC
EXPLOIT
EPSS
4.59%
90.5th percentile
Buffer overflow in UnixWare i2odialogd daemon allows remote attackers to gain root access via a long username/password authorization string.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sco | unixware | — | — |
| windowmaker | wmmon | — | — |
CVSS provenance
nvdv2.010.0CRITICALAV:N/AC:L/Au:N/C:C/I:C/A:C
vendor_redhat5.0MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-h3gh-fgjq-2grf: Buffer overflow in UnixWare i2odialogd daemon allows remote attackers to gain root access via a long username/password authorization string
ghsa_unreviewed·2022-04-30
CVE-2000-0026 [HIGH] GHSA-h3gh-fgjq-2grf: Buffer overflow in UnixWare i2odialogd daemon allows remote attackers to gain root access via a long username/password authorization string
Buffer overflow in UnixWare i2odialogd daemon allows remote attackers to gain root access via a long username/password authorization string.
Red Hat
security flaw
vendor_redhat·2000-12-11·CVSS 5.0
CVE-2001-0026 [MEDIUM] security flaw
security flaw
rp-pppoe PPPoE client allows remote attackers to cause a denial of service via the Clamp MSS option and a TCP packet with a zero-length TCP option.
Statement: This issue was fixed in the following product:
- Red Hat Linux 7.0 - RHSA-2000:130 (2000-12-19)
No detection rules found.
Exploit-DB
Microsoft IIS - ASP Stack Overflow (MS06-034)
exploitdb·2006-07-21
CVE-2006-0026 Microsoft IIS - ASP Stack Overflow (MS06-034)
Microsoft IIS - ASP Stack Overflow (MS06-034)
---
#include
#include
/***********************************************************************
Microsoft IIS ASP Stack Overflow Exploit(MS06-034)
by cocoruder(frankruder_at_hotmail.com),2006/7/13
page:http://ruder.cdut.net/default.asp
successfully test on Windows 2000 Server SP4+IIS5.0,
On Windows 2003 Server+IIS6.0,because the new SEH protection mechanisms,
you should set the new fs:[0]->hander flexibility,this need some luck.
usage:
upload the "exploit2000.asp" to IIS web directory,use web
browser to visit it,then the shellcode will execute.
************************************************************************/
//include asp filename length=10ch>104h
unsigned char asp_include_header[]=
"";
//jmp 8
unsigned char code_jmp8[]=
"\xEB
Exploit-DB
SCO Unixware 7.1 - i2odialogd Remote Buffer Overflow
exploitdb·1999-12-22
CVE-2000-0026 SCO Unixware 7.1 - i2odialogd Remote Buffer Overflow
SCO Unixware 7.1 - i2odialogd Remote Buffer Overflow
---
// source: https://www.securityfocus.com/bid/876/info
UnixWare is a variant of the Unix operating system originally written by SCO, and distributed and maintained by Caldera.
i20dialogd is a daemon which provides a front-end for controlling the i20 subsystem. It is shipped with SCO Unixware and installed running as root by default. In its authentication mechanism exists a serious buffer overflow vulnerability. The username/password buffers are of a fixed length (88+ characters) with no bounds checking performed on them. Because of this it is possible to overflow the buffer, corrupt the stack and overwrite the return address altering the flow of execution (and running arbitrary code). It should be noted that exploit code must be
No writeups or analysis indexed.
1999-12-21
Published