CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2000-0786

GNU userv 1.0.0 and earlier does not properly perform file descriptor swapping, which can corrupt the USERV_GROUPS and USERV_GIDS environmental variables and allow local users to bypass some access restrictions.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 21.5%

CVSS Severity

CVSS v2 Score 4.6

References

http://archives.neohapsis.com/archives/bugtraq/2000-07/0389.html
http://marc.info/?l=bugtraq&m=96473640717095&w=2
http://www.debian.org/security/2000/20000727
http://www.securityfocus.com/bid/1516
http://archives.neohapsis.com/archives/bugtraq/2000-07/0389.html
http://marc.info/?l=bugtraq&m=96473640717095&w=2
http://www.debian.org/security/2000/20000727
http://www.securityfocus.com/bid/1516

Products affected by CVE-2000-0786

Gnu » Userv » Version: 1.0.0

cpe:2.3:a:gnu:userv:1.0.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2000-0786

Products

Pricing

Contact Us