Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2000-0844

CWE-26419 documents6 sources
Severity
10.0CRITICAL
EPSS
0.9%
top 24.45%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
15
Caldera Openlinux EbuilderCaldera Openlinux EserverConectiva Linux+12 more
Timeline
PublishedNov 14
Latest updateMay 3

Description

Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages14 packages

NVDibm/aix15 versions+14
NVDsgi/irix13 versions+12
NVDsun/sunos9 versions+8
NVDsun/solaris2.6

Also affects: Debian Linux 2.0, 2.1, 2.2, 2.3

Patches

Patch: archives.neohapsis.comPatch: www.securityfocus.comPatch: archives.neohapsis.com

🔴Vulnerability Details

2
GHSA
GHSA-r7p8-7w63-3m9v: Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execu2022-05-03
CVEList
CVE-2000-0844: Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execu2001-01-22

💥Exploits & PoCs

12
Exploit-DB
GLIBC locale - Format Strings2003-01-15
Exploit-DB
GLIBC locale - bug mount2000-12-02
Exploit-DB
Solaris 2.6/7.0 - 'locale' Format Strings noexec stack Overflow2000-11-30
Exploit-DB
GLIBC - '/bin/su' Local Privilege Escalation2000-11-30
Exploit-DB
Solaris/SPARC 2.7 / 7 locale - Format String2000-11-20

📋Vendor Advisories

2
Red Hat
security flaw2000-09-30
Red Hat
security flaw2000-09-04

💬Community

2
Bugzilla
CVE-2000-1207 security flaw2018-08-16
Bugzilla
CVE-2000-0844 security flaw2018-08-16