CVE-2000-1040Use of Externally-Controlled Format String in Linux

6 documents6 sources
Severity
10.0CRITICALNVD
EPSS
1.8%
top 17.01%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Suse Linux
Timeline
PublishedDec 11
Latest updateApr 30

Description

Format string vulnerability in logging function of ypbind 3.3, while running in debug mode, leaks file descriptors and allows an attacker to cause a denial of service.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

NVDsuse/suse_linux4 versions+3

Patches

Patch: www.securityfocus.comPatch: www.securityfocus.com

🔴Vulnerability Details

2
GHSA
GHSA-phf2-3r4c-ww53: Format string vulnerability in logging function of ypbind 32022-04-30
CVEList
CVE-2000-1040: Format string vulnerability in logging function of ypbind 32001-01-22

💥Exploits & PoCs

1
Exploit-DB
Sun StarOffice 5.1 - Arbitrary File Read2000-03-09

📋Vendor Advisories

1
Red Hat
security flaw2000-10-18

💬Community

1
Bugzilla
CVE-2000-1040 security flaw2018-08-16
CVE-2000-1040 — Suse Linux vulnerability | cvebase