CVE-2000-0231
published 2000-03-16
CVE-2000-0231: Linux kreatecd trusts a user-supplied path that is used to find the cdrecord program, allowing local users to gain root privileges.
Priority P424, high, 7.2 (CVSS 2.0)
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
EXPLOIT
EPSS: 0.77% (51.1th percentile)
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| halloween | halloween_linux | — | — |
| suse | suse_linux | — | — |
| suse | suse_linux | — | — |
| suse | suse_linux | — | — |
| suse | suse_linux | — | — |
No detection rules found.
Exploit-DB
Microsoft SQL Server 7.0/2000 / MSDE - Named Pipe Denial of Service (MS03-031)
exploitdb·2003-07-23
CVE-2003-0231 Microsoft SQL Server 7.0/2000 / MSDE - Named Pipe Denial of Service (MS03-031)
---
source: https://www.securityfocus.com/bid/8274/info
Microsoft SQL Server and the Microsoft Data Engine have been reported prone to a denial of service attack.
Any local or remote user, who can authenticate and is part of the Everyone Group, may trigger a denial of service condition in an affected SQL Server.
It has been reported that, if a remote attacker sends an unusually large request to a named pipe, the SQL Server will become unresponsive.
////////////////////////////////////////////////////////////////////////////////
//
// exp for Microsoft SQL Server DoS(MS03-031)
//
// By : refdom
// Email : [email protected]
// Home Page : http://www.xfocus.org
//
/////////////////////////////////////////////
Exploit-DB
MIRC 2.x/3.x/4.x/5.x - Nick Buffer Overflow
exploitdb·2002-02-03
CVE-2002-0231 MIRC 2.x/3.x/4.x/5.x - Nick Buffer Overflow
---
// source: https://www.securityfocus.com/bid/4027/info
mIRC is a popular Internet Relay Chat client which runs on Microsoft Windows 9x/ME/NT/2000/XP operating systems.
A remotely exploitable buffer overflow condition has been discovered in mIRC. This issue is due to improper bounds checking of nicknames sent by the server. An excessively long nickname (200+) is capable of overwriting stack variables. This may be exploited by a malicious server. This issue is also exploitable via a webpage that can instruct the client to launch and to make a connection to the malicious server.
This may lead to a full compromise of the host running the client software on some Windows systems.
/* Mirc buffer nickname buffer overflow proof of concept exploit.
Exploit-DB
Halloween Linux 4.0 / SuSE Linux 6.0/6.1/6.2/6.3 - 'kreatecd' Local Privilege Escalation
exploitdb·2000-03-16
CVE-2000-0231 Halloween Linux 4.0 / SuSE Linux 6.0/6.1/6.2/6.3 - 'kreatecd' Local Privilege Escalation
---
source: https://www.securityfocus.com/bid/1061/info
A vulnerability exists in the kreatecd program for Linux. This program is a graphical front end to the cdrecord program, and is installed setuid root. This program will blindly trust the configuration of the path to cdrecord, as specified by the user. This means that arbitrary programs can be executed as root by an attacker using kreatecd. It appears that graphical interaction is required to exploit this program.
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/19813.tar.gz
No writeups or analysis indexed.
Published: 2000-03-16