Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2000-0170Improper Restriction of Operations within the Bounds of a Memory Buffer in Redhat Linux

6 documents4 sources
Severity
7.2HIGHNVD
EPSS
0.2%
top 52.61%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
2
Redhat LinuxTurbolinux
Timeline
PublishedFeb 26
Latest updateApr 30

Description

Buffer overflow in the man program in Linux allows local users to gain privileges via the MANPAGER environmental variable.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages2 packages

NVDredhat/linux8 versions+7
NVDturbolinux/turbolinux3.5b2, 4.2, 4.4+2

🔴Vulnerability Details

2
GHSA
GHSA-cwv2-rx46-m2v6: Buffer overflow in the man program in Linux allows local users to gain privileges via the MANPAGER environmental variable2022-04-30
CVEList
CVE-2000-0170: Buffer overflow in the man program in Linux allows local users to gain privileges via the MANPAGER environmental variable2000-04-10

💥Exploits & PoCs

3
Exploit-DB
RedHat 6.1 - 'man' Local Overflow / Local Privilege Escalation2001-01-19
Exploit-DB
RedHat 4.x/5.x/6.x / RedHat man 1.5 / Turbolinux man 1.5 / Turbolinux 3.5/4.x - 'man' Buffer Overrun (2)2000-02-26
Exploit-DB
RedHat 4.x/5.x/6.x / RedHat man 1.5 / Turbolinux man 1.5 / Turbolinux 3.5/4.x - 'man' Buffer Overrun (1)2000-02-26
CVE-2000-0170 — Redhat Linux vulnerability | cvebase