Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2000-0607Improper Restriction of Operations within the Bounds of a Memory Buffer in Linux

5 documents4 sources
Severity
7.2HIGHNVD
EPSS
0.3%
top 47.40%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
3
Debian LinuxMandrakesoft Mandrake LinuxRedhat Linux
Timeline
PublishedJun 21
Latest updateApr 30

Description

Buffer overflow in fld program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via an input file containing long CHARSET_REGISTRY or CHARSET_ENCODING settings.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages2 packages

NVDredhat/linux5 versions+4
NVDmandrakesoft/mandrake_linux6.1, 7.0, 7.1+2

Also affects: Debian Linux 2.0, 2.1, 2.2, 2.3

🔴Vulnerability Details

2
GHSA
GHSA-p6c2-5pjm-qmjv: Buffer overflow in fld program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via an input file containing l2022-04-30
CVEList
CVE-2000-0607: Buffer overflow in fld program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via an input file containing l2000-07-19

💥Exploits & PoCs

2
Exploit-DB
Snitz Forums 2000 3.x - 'members.asp' SQL Injection2002-04-19
Exploit-DB
Mandrake 7.0/7.1 / RedHat Kon2 0.3.9 - '/usr/bin/fld' Input File Overflow2000-08-01
CVE-2000-0607 — Debian Linux vulnerability | cvebase