Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2000-1134

8 documents7 sources

Severity

7.2HIGH

EPSS

0.2%

top 60.73%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Caldera Openlinux Edesktop Caldera Openlinux Eserver Conectiva Linux +5 more

Timeline

PublishedJan 9

Latest updateMay 3

Description

Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing << redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via a symlink attack.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages8 packages

▶NVDimmunix/immunix6.2

▶NVDhp/hp-ux11.11

▶NVDredhat/linux5 versions+4

▶NVDconectiva/linux6 versions+5

▶NVDsuse/suse_linux7.0

Patches

Patch: ftp.freebsd.org ↗Patch: www.securityfocus.com ↗Patch: ftp.freebsd.org ↗

🔴Vulnerability Details

GHSA

GHSA-j272-pr5g-4cv9: Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing << redirects (aka↗2022-05-03

▶

Kernel

namei: allow restricted O_CREAT of FIFOs and regular files↗2018-08-23

▶

CVEList

CVE-2000-1134: Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing << redirects (aka↗2000-12-19

▶

💥Exploits & PoCs

Exploit-DB

UUCP - File Creation/Overwriting Symlinks↗2000-12-04

▶

Exploit-DB

Apple Mac OSX 10 / HP-UX 9/10/11 / Mandriva 6/7 / RedHat 5/6 / SCO 5 / IRIX 6 - Shell Redirection Race Condition↗2000-01-02

▶

📋Vendor Advisories

Red Hat

security flaw↗2000-10-28

▶

💬Community

Bugzilla

CVE-2000-1134 security flaw↗2018-08-16

▶