1. CVE-Search
  2. CVE-2000-1095
ID CVE-2000-1095
Summary modprobe in the modutils 2.3.x package on Linux systems allows a local user to execute arbitrary commands via shell metacharacters.
References
Vulnerable Configurations
  • cpe:2.3:a:immunix:immunix:6.2:*:*:*:*:*:*:*
    cpe:2.3:a:immunix:immunix:6.2:*:*:*:*:*:*:*
  • cpe:2.3:a:immunix:immunix:7.0_beta:*:*:*:*:*:*:*
    cpe:2.3:a:immunix:immunix:7.0_beta:*:*:*:*:*:*:*
  • cpe:2.3:o:conectiva:linux:5.1:*:*:*:*:*:*:*
    cpe:2.3:o:conectiva:linux:5.1:*:*:*:*:*:*:*
  • cpe:2.3:o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*
    cpe:2.3:o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*
  • cpe:2.3:o:suse:suse_linux:6.4:*:*:*:*:*:*:*
    cpe:2.3:o:suse:suse_linux:6.4:*:*:*:*:*:*:*
  • cpe:2.3:o:suse:suse_linux:7.0:*:*:*:*:*:*:*
    cpe:2.3:o:suse:suse_linux:7.0:*:*:*:*:*:*:*
CVSS
Base: 7.2 (as of 10-10-2017 - 01:29)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:L/AC:L/Au:N/C:C/I:C/A:C
redhat via4
advisories
rhsa
id RHSA-2000:108
refmap via4
bid 1936
bugtraq 20001112 RedHat 7.0 (and SuSE): modutils + netkit = root compromise. (fwd)
conectiva CLSA-2000:340
debian 20001120 modutils: local exploit
mandrake MDKSA-2000:071
suse SuSE-SA:2000:44
xf linux-modprobe-execute-code(5516)
Last major update 10-10-2017 - 01:29
Published 09-01-2001 - 05:00
Last modified 10-10-2017 - 01:29
Back to Top