Vulnerability Description
Format string vulnerability in ypserv in Mandrake Linux 7.1 and earlier, and possibly other Linux operating systems, allows an attacker to gain root privileges when ypserv is built without a vsyslog() function.
CVSS Score
10.0
HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mandrakesoft | Mandrake Linux | 6.1 |
References
- http://www.linux-mandrake.com/en/security/MDKSA-2000-064.php3?dis=7.1PatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/5731
- http://www.linux-mandrake.com/en/security/MDKSA-2000-064.php3?dis=7.1PatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/5731
FAQ
What is CVE-2000-1043?
CVE-2000-1043 is a vulnerability with a CVSS score of 10.0 (HIGH). Format string vulnerability in ypserv in Mandrake Linux 7.1 and earlier, and possibly other Linux operating systems, allows an attacker to gain root privileges when ypserv is built without a vsyslog()...
How severe is CVE-2000-1043?
CVE-2000-1043 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2000-1043?
Check the references section above for vendor advisories and patch information. Affected products include: Mandrakesoft Mandrake Linux.