Vulnerability Details CVE-2000-1073
csstart program in iCal 2.1 Patch 2 searches for the cshttpd program in the current working directory, which allows local users to gain root privileges by creating a Trojan Horse cshttpd program in a directory and calling csstart from that directory.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 19.7%
CVSS Severity
CVSS v2 Score 7.2
References
- http://www.atstake.com/research/advisories/2000/a100900-1.txt
- http://www.osvdb.org/7210
- http://www.securityfocus.com/bid/1769
- https://exchange.xforce.ibmcloud.com/vulnerabilities/5757
- http://www.atstake.com/research/advisories/2000/a100900-1.txt
- http://www.osvdb.org/7210
- http://www.securityfocus.com/bid/1769
- https://exchange.xforce.ibmcloud.com/vulnerabilities/5757
Products affected by CVE-2000-1073
-
cpe:2.3:a:netscape:iplanet_ical:2.1