CVE-2000-1175
Published 2001-01-09
CVE-2000-1175: Buffer overflow in Koules 1.4 allows local users to execute arbitrary commands via a long command line argument.
Priority P423 · high · 7.2 (CVSS 2.0)
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
EXPLOIT
EPSS: 1.20% (64.2th percentile)
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| jan_hubicka | koules | — | — |
No detection rules found.
Exploit-DB
Jan Hubicka Koules 1.4 - 'Svgalib' Local Buffer Overflow
exploitdb·2000-11-20
CVE-2000-1175 Jan Hubicka Koules 1.4 - 'Svgalib' Local Buffer Overflow
---
/*
source: https://www.securityfocus.com/bid/1967/info
Koules is an original, arcade-style game authored by Jan Hubicka. The version using svgalib is usually installed setuid root so that it may access video hardware when being run at the console by regular users. This version contains a buffer overflow vulnerability that may allow a user to gain higher privileges. The vulnerability exists in handling of user-supplied commandline arguments.
Successful exploitation of this vulnerability leads to root compromise. Debian has announced they are not vulnerable to this problem.
*/
/*
Coolz.cpp - yep a C Plus Plus exploit, I like that Strings STL :)
This problem has been known since April this year, but I have not
seen any explo
Exploit-DB
UltraBoard 1.6 - Denial of Service
exploitdb·2000-05-05
CVE-2000-0426 UltraBoard 1.6 - Denial of Service
---
source: https://www.securityfocus.com/bid/1175/info
UltraBoard 1.6 (and possibly all 1.x versions and the new beta Ultraboard 2000) are vulnerable to this Denial of Service attack.
A remote user is able to expend all of the available resources of the webserver by using a specially-devised request to the CGI. This request causes a fork, which will then consume the processor time and memory of the server.
http:://target/ultraboard.pl?request=Session=../UltraBoard.pl%00%7c
No writeups or analysis indexed.
Published: 2001-01-09