Vulnerability Details CVE-2000-0229
gpm-root in the gpm package does not properly drop privileges, which allows local users to gain privileges by starting a utility from gpm-root.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 31.2%
CVSS Severity
CVSS v2 Score 7.2
References
- http://archives.neohapsis.com/archives/bugtraq/2000-03/0242.html
- http://www.novell.com/linux/security/advisories/suse_security_announce_45.html
- http://www.redhat.com/support/errata/RHSA-2000-009.html
- http://www.redhat.com/support/errata/RHSA-2000-045.html
- http://www.securityfocus.com/bid/1069
- http://archives.neohapsis.com/archives/bugtraq/2000-03/0242.html
- http://www.novell.com/linux/security/advisories/suse_security_announce_45.html
- http://www.redhat.com/support/errata/RHSA-2000-009.html
- http://www.redhat.com/support/errata/RHSA-2000-045.html
- http://www.securityfocus.com/bid/1069
Products affected by CVE-2000-0229
-
cpe:2.3:o:alessandro_rubini:gpm:1.18.1
-
cpe:2.3:o:alessandro_rubini:gpm:1.19
-
cpe:2.3:o:debian:debian_linux:2.0
-
cpe:2.3:o:debian:debian_linux:2.1
-
cpe:2.3:o:debian:debian_linux:2.2
-
cpe:2.3:o:redhat:linux:6.0
-
cpe:2.3:o:redhat:linux:6.1
-
cpe:2.3:o:redhat:linux:6.2
-
cpe:2.3:o:suse:suse_linux:5.3
-
cpe:2.3:o:suse:suse_linux:6.0
-
cpe:2.3:o:suse:suse_linux:6.1
-
cpe:2.3:o:suse:suse_linux:6.2
-
cpe:2.3:o:suse:suse_linux:6.3