CVE-2000-1042Improper Restriction of Operations within the Bounds of a Memory Buffer in Mandrake Linux

5 documents4 sources
Severity
10.0CRITICALNVD
EPSS
0.5%
top 34.10%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Mandrakesoft Mandrake Linux
Timeline
PublishedDec 11
Latest updateApr 30

Description

Buffer overflow in ypserv in Mandrake Linux 7.1 and earlier, and possibly other Linux operating systems, allows an attacker to gain root privileges when ypserv is built without a vsyslog() function.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

NVDmandrakesoft/mandrake_linux6.1, 7.0, 7.1+2

Patches

Patch: www.linux-mandrake.comPatch: www.linux-mandrake.com

🔴Vulnerability Details

2
GHSA
GHSA-32j7-w96w-jq92: Buffer overflow in ypserv in Mandrake Linux 72022-04-30
CVEList
CVE-2000-1042: Buffer overflow in ypserv in Mandrake Linux 72001-01-22

🔍Detection Rules

2
Suricata
GPL RPC portmap ypserv request UDP2010-09-23
Suricata
GPL RPC portmap ypserv request TCP2010-09-23
CVE-2000-1042 — Mandrake Linux vulnerability | cvebase