CVE-2000-0223
published 2000-03-10CVE-2000-0223: Buffer overflow in the wmcdplay CD player program for the WindowMaker desktop allows local users to gain root privileges via a long parameter.
PriorityP424high7.2CVSS 2.0
AVLACLAuNCCICAC
EXPLOIT
EPSS
0.94%
56.5th percentile
Buffer overflow in the wmcdplay CD player program for the WindowMaker desktop allows local users to gain root privileges via a long parameter.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sam_hawker | wmcdplay | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Sam Hawker wmcdplay 1.0 beta1-2 - Local Buffer Overflow (2)
exploitdb·2000-03-13
CVE-2000-0223 Sam Hawker wmcdplay 1.0 beta1-2 - Local Buffer Overflow (2)
Sam Hawker wmcdplay 1.0 beta1-2 - Local Buffer Overflow (2)
---
source: https://www.securityfocus.com/bid/1047/info
wmcdplay is cdplayer generally used with the WindowMaker X11 window-manager on unix systems. While wmcdplay is rarely installed at all by default, when it is installed it is typically set setuid root. wmcdplay is vulnerable to a buffer overflow attack due to lack of bounds checking on an argument it is passed. As a result, a local user can elevate their priviliges to root through overruning the stack and executing arbitrary code with the effective user-id of the process (root).
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/19803.tar.gz
Exploit-DB
Sam Hawker wmcdplay 1.0 beta1-2 - Local Buffer Overflow (1)
exploitdb·2000-03-11
CVE-2000-0223 Sam Hawker wmcdplay 1.0 beta1-2 - Local Buffer Overflow (1)
Sam Hawker wmcdplay 1.0 beta1-2 - Local Buffer Overflow (1)
---
// source: https://www.securityfocus.com/bid/1047/info
wmcdplay is cdplayer generally used with the WindowMaker X11 window-manager on unix systems. While wmcdplay is rarely installed at all by default, when it is installed it is typically set setuid root. wmcdplay is vulnerable to a buffer overflow attack due to lack of bounds checking on an argument it is passed. As a result, a local user can elevate their priviliges to root through overruning the stack and executing arbitrary code with the effective user-id of the process (root).
/*** Halloween 4 local root exploit for wmcdplay. Other distros are
*** maybe affected as well.
*** (C) 2000 by C-skills development. Under the GPL.
***
*** Bugdiscovery + exploit by S. Krahmer
No writeups or analysis indexed.
2000-03-10
Published