Published: 20/10/2000 Updated: 07/11/2023

CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9

VMScore: 730

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

xlockmore and xlockf do not properly cleanse user-injected format strings, which allows local users to gain root privileges via the -d option.

Vulnerable Product	Search on Vulmon	Subscribe to Product
david bagley xlock 4.16.1
david bagley xlock 4.16

source: wwwsecurityfocuscom/bid/1585/info A vulnerability exists in versions of the xlockmore program, originally written by David Bagley It is believed to affect all versions of xlock derived from xlockmore This includes the xlock shipped with a number of popular operating systems Xlock is installed setuid root Normally, the -d op ...

source: wwwsecurityfocuscom/bid/1585/info A vulnerability exists in versions of the xlockmore program, originally written by David Bagley It is believed to affect all versions of xlock derived from xlockmore This includes the xlock shipped with a number of popular operating systems Xlock is installed setuid root Normally, the -d opti ...

NVD-CWE-Other http://www.debian.org/security/2000/20000816 http://archives.neohapsis.com/archives/freebsd/2000-08/0340.html http://www.securityfocus.com/bid/1585 http://archives.neohapsis.com/archives/bugtraq/2000-08/0212.html http://archives.neohapsis.com/archives/bugtraq/2000-08/0294.html http://www.securityfocus.com/templates/archive.pike?list=1&msg=20000815231724.A14694%40subterrain.net https://nvd.nist.gov https://www.exploit-db.com/exploits/20154/

CVE-2000-0763

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect