ID CVE-2000-0963
Summary Buffer overflow in ncurses library allows local users to execute arbitrary commands via long environmental information such as TERM or TERMINFO_DIRS.
References
Vulnerable Configurations
  • cpe:2.3:a:immunix:immunix:6.2
    cpe:2.3:a:immunix:immunix:6.2
  • cpe:2.3:a:immunix:immunix:7.0_beta
    cpe:2.3:a:immunix:immunix:7.0_beta
  • FreeBSD 3.4
    cpe:2.3:o:freebsd:freebsd:3.4
  • FreeBSD 3.5.1
    cpe:2.3:o:freebsd:freebsd:3.5.1
  • FreeBSD 4.0
    cpe:2.3:o:freebsd:freebsd:4.0
  • FreeBSD 4.1
    cpe:2.3:o:freebsd:freebsd:4.1
  • FreeBSD 4.1.1
    cpe:2.3:o:freebsd:freebsd:4.1.1
  • cpe:2.3:o:freebsd:freebsd:4.1.1:stable
    cpe:2.3:o:freebsd:freebsd:4.1.1:stable
  • cpe:2.3:o:redhat:linux:6.2:-:alpha
    cpe:2.3:o:redhat:linux:6.2:-:alpha
  • cpe:2.3:o:redhat:linux:6.2:-:i386
    cpe:2.3:o:redhat:linux:6.2:-:i386
  • cpe:2.3:o:redhat:linux:6.2:-:sparc
    cpe:2.3:o:redhat:linux:6.2:-:sparc
  • Red Hat Linux 7.0
    cpe:2.3:o:redhat:linux:7.0
CVSS
Base: 7.2 (as of 01-01-2004 - 00:00)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
refmap via4
bid 1142
bugtraq 20001009 ncurses buffer overflows
caldera CSSA-2000-036.0
xf gnu-ncurses-term-terminfodirs-bo(44487)
Last major update 05-09-2008 - 16:22
Published 19-12-2000 - 00:00
Last modified 10-07-2017 - 21:29
Back to Top