Vulnerability Details CVE-2000-0494
Veritas Volume Manager creates a world writable .server_pids file, which allows local users to add arbitrary commands into the file, which is then executed by the vmsa_server script.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 62.6%
CVSS Severity
CVSS v2 Score 7.2
References
- http://archives.neohapsis.com/archives/bugtraq/2000-06/0151.html
- http://seer.support.veritas.com/tnotes/volumeman/230053.htm
- http://www.securityfocus.com/bid/1356
- http://archives.neohapsis.com/archives/bugtraq/2000-06/0151.html
- http://seer.support.veritas.com/tnotes/volumeman/230053.htm
- http://www.securityfocus.com/bid/1356
Products affected by CVE-2000-0494
-
cpe:2.3:a:symantec_veritas:volume_manager:3.0.2
-
cpe:2.3:a:symantec_veritas:volume_manager:3.0.3
-
cpe:2.3:a:symantec_veritas:volume_manager:3.0.4