Published: 11/12/2000 Updated: 05/09/2008

CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9

VMScore: 730

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Format string vulnerability in top program allows local malicious users to gain root privileges via the "kill" or "renice" function.

Vulnerable Product	Search on Vulmon	Subscribe to Product
freebsd freebsd 4.0
freebsd freebsd 4.1
freebsd freebsd 4.1.1
freebsd freebsd 3.5.1
freebsd freebsd 3.5

source: wwwsecurityfocuscom/bid/1895/info top is a program used to display system usage statistics in real time written by GoupSys Consulting but shipped by default as a core component with many operating systems On BSD systems, top is installed setgid kmem so that it may read process information from kernel memory if executed by a user ...

/* source: wwwsecurityfocuscom/bid/1895/info top is a program used to display system usage statistics in real time written by GoupSys Consulting but shipped by default as a core component with many operating systems On BSD systems, top is installed setgid kmem so that it may read process information from kernel memory if executed by a us ...

Hi there 👋 Trails Senior Security Engineer, GREE 🇯🇵 2012, Now ~ Security Manager, LINE 🇯🇵 2008, 4 and half years Co-founder, PanicSecurity 🇰🇷 (PS ScanW3B) 2004 Security Engineer, Webzen 🇰🇷 2003, 2years Security Consultant, HackersLab 🇰🇷 (The first security consulting firm in Korea) 2001, 2years Founder, IGRUS, Inha Group of Research for UNIX

NVD-CWE-Other http://www.securityfocus.com/bid/1895 ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:62.top.v1.1.asc ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.7/common/028_format_strings.patch https://nvd.nist.gov https://github.com/truefinder/truefinder https://www.exploit-db.com/exploits/20378/

CVE-2000-0998

Vulnerability Summary

Exploits

Github Repositories

References

Vulmon Search

About

Products

Connect