Published: 22/03/2000 Updated: 10/09/2008

CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9

VMScore: 725

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

gpm-root in the gpm package does not properly drop privileges, which allows local users to gain privileges by starting a utility from gpm-root.

Vulnerable Product	Search on Vulmon	Subscribe to Product
redhat linux 6.0
redhat linux 6.1
redhat linux 6.2
suse suse linux 5.3
alessandro rubini gpm 1.18.1
alessandro rubini gpm 1.19
debian debian linux 2.1
debian debian linux 2.2
suse suse linux 6.0
suse suse linux 6.2
debian debian linux 2.0
suse suse linux 6.1
suse suse linux 6.3

source: wwwsecurityfocuscom/bid/1069/info A vulnerability exists in the gpm-root program, part of the gpm package This package is used to enable mice on the consoles of many popular Linux distributions The problem is a design error, caused when a programmer chose to attempt to revert to the running users groups, after having called setu ...

NVD-CWE-Other http://archives.neohapsis.com/archives/bugtraq/2000-03/0242.html http://www.novell.com/linux/security/advisories/suse_security_announce_45.html http://www.redhat.com/support/errata/RHSA-2000-009.html http://www.redhat.com/support/errata/RHSA-2000-045.html http://www.securityfocus.com/bid/1069 https://nvd.nist.gov https://www.exploit-db.com/exploits/19816/https://www.kb.cert.org/vuls/id/22091

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2000-0229

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect