Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2000-1125Redhat Linux vulnerability

6 documents4 sources
Severity
7.2HIGHNVD
EPSS
0.4%
top 40.11%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Redhat Linux
Timeline
PublishedJan 9
Latest updateApr 30

Description

restore 0.4b15 and earlier in Red Hat Linux 6.2 trusts the pathname specified by the RSH environmental variable, which allows local users to obtain root privileges by modifying the RSH variable to point to a Trojan horse program.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages1 packages

NVDredhat/linux6.2, 6.2e+1

🔴Vulnerability Details

2
GHSA
GHSA-5v9r-wpqf-v2w9: restore 02022-04-30
CVEList
CVE-2000-1125: restore 02000-12-19

💥Exploits & PoCs

3
Exploit-DB
RedHat 6.2 Restore and Dump - Local Privilege Escalation2000-11-16
Exploit-DB
RedHat 6.2 - '/sbin/restore' Local Privilege Escalation2000-11-16
Exploit-DB
RedHat 0.4 b15 restore - Insecure Environment Variables2000-11-04
CVE-2000-1125 — Redhat Linux vulnerability | cvebase