CVE-2000-0791 — Secure Linux vulnerability

3 documents3 sources

Severity

4.6MEDIUMNVD

EPSS

0.0%

top 87.87%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Trustix Secure Linux

Timeline

PublishedOct 20

Latest updateApr 30

Description

Trustix installs the httpsd program for Apache-SSL with world-writeable permissions, which allows local users to replace it with a Trojan horse.

CVSS vector

AV:L/AC:L/C:P/I:P/A:PExploitability: 3.9 | Impact: 6.4

Affected Packages1 packages

▶NVDtrustix/secure_linux1.1

Patches

Patch: archives.neohapsis.com ↗Patch: archives.neohapsis.com ↗

🔴Vulnerability Details

GHSA

GHSA-h8j5-33x3-h6g9: Trustix installs the httpsd program for Apache-SSL with world-writeable permissions, which allows local users to replace it with a Trojan horse↗2022-04-30

▶

CVEList

CVE-2000-0791: Trustix installs the httpsd program for Apache-SSL with world-writeable permissions, which allows local users to replace it with a Trojan horse↗2000-09-21

▶