CVE-2000-0867

Published: Jan 22, 2001

Modified: Aug 8, 2024

PUBLISHED

Description

Kernel logging daemon (klogd) in Linux does not properly cleanse user-injected format strings, which allows local users to gain root privileges by triggering malformed kernel messages.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

klogd-format-string(5259)

vdb-entry

x_refsource_XF

5824

vdb-entry

x_refsource_OSVDB

20000918 Conectiva Linux Security Announcement - sysklogd

mailing-list

x_refsource_BUGTRAQ

TLSA2000022-2

vendor-advisory

x_refsource_TURBO

MDKSA-2000:050

vendor-advisory

x_refsource_MANDRAKE

20000917 klogd format bug

mailing-list

x_refsource_BUGTRAQ

RHSA-2000:061

vendor-advisory

x_refsource_REDHAT

20000920 syslogd + klogd format string parsing error

vendor-advisory

x_refsource_SUSE

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2000-0867

Description

Affected Products

References