Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2000-0438

6 documents4 sources

Severity

7.2HIGH

EPSS

0.4%

top 40.60%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Caldera Openlinux Slackware Slackware Linux Suse Suse Linux +1 more

Timeline

PublishedMay 22

Latest updateApr 30

Description

Buffer overflow in fdmount on Linux systems allows local users in the "floppy" group to execute arbitrary commands via a long mountpoint parameter.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages4 packages

▶NVDsuse/suse_linux14 versions+13

▶NVDcaldera/openlinux7.0

▶NVDturbolinux/turbolinux6.0, 6.0.1, 6.0.2+2

▶NVDslackware/slackware_linux6 versions+5

🔴Vulnerability Details

GHSA

GHSA-fg2g-48g8-4xwm: Buffer overflow in fdmount on Linux systems allows local users in the "floppy" group to execute arbitrary commands via a long mountpoint parameter↗2022-04-30

▶

CVEList

CVE-2000-0438: Buffer overflow in fdmount on Linux systems allows local users in the "floppy" group to execute arbitrary commands via a long mountpoint parameter↗2000-07-12

▶

💥Exploits & PoCs

Exploit-DB

S.u.S.E Linux 4.x/5.x/6.x/7.0 / Slackware 3.x/4.0 / Turbolinux 6 / OpenLinux 7.0 - 'fdmount' Local Buffer Overflow (2)↗2000-05-22

▶

Exploit-DB

S.u.S.E Linux 4.x/5.x/6.x/7.0 / Slackware 3.x/4.0 / Turbolinux 6 / OpenLinux 7.0 - 'fdmount' Local Buffer Overflow (1)↗2000-05-22

▶

Exploit-DB

S.u.S.E Linux 4.x/5.x/6.x/7.0 / Slackware 3.x/4.0 / Turbolinux 6 / OpenLinux 7.0 - 'fdmount' Local Buffer Overflow (3)↗2000-05-22

▶