CVE-2000-0798 - The truncate function in IRIX 6.x does not properly check for privileges when the file is in the xfs

CVE-2000-0798

Summary

The truncate function in IRIX 6.x does not properly check for privileges when the file is in the xfs file system, which allows local users to delete the contents of arbitrary files.

References

http://www.osvdb.org/8569
http://www.securityfocus.com/bid/1540
http://www.securityfocus.com/templates/archive.pike?list=1&msg=200008021924.e72JOVs12558@ix.put.poznan.pl

Vulnerable Configurations

cpe:2.3:o:sgi:irix:6.2:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.2:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.3:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.3:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.4:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.4:*:*:*:*:*:*:*

CVSS

Base:	10.0 (as of 05-09-2008 - 20:21)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:N/AC:L/Au:N/C:C/I:C/A:C

refmap via4

bid	1540
bugtraq	20000802 [LSD] some unpublished LSD exploit codes
osvdb	8569

Last major update

05-09-2008 - 20:21

Published

20-10-2000 - 04:00

Last modified

05-09-2008 - 20:21