CVE-2000-1103 — HIGH (7.2) — White Hats Nepal

Vulnerability Description

rcvtty in BSD 3.0 and 4.0 does not properly drop privileges before executing a script, which allows local attackers to gain privileges by specifying an alternate Trojan horse script on the command line.

CVSS Score

7.2

HIGH

AV:L/AC:L/Au:N/C:C/I:C/A:C

Confidentiality

COMPLETE

Integrity

COMPLETE

Availability

COMPLETE

Affected Products

Vendor	Product	Versions
Bsdi	Bsd Os	3.0

References

http://www.securityfocus.com/archive/1/147120ExploitVendor Advisory
http://www.securityfocus.com/bid/2009ExploitVendor Advisory
http://www.securityfocus.com/archive/1/147120ExploitVendor Advisory
http://www.securityfocus.com/bid/2009ExploitVendor Advisory

FAQ

What is CVE-2000-1103?

CVE-2000-1103 is a vulnerability with a CVSS score of 7.2 (HIGH). rcvtty in BSD 3.0 and 4.0 does not properly drop privileges before executing a script, which allows local attackers to gain privileges by specifying an alternate Trojan horse script on the command lin...

How severe is CVE-2000-1103?

CVE-2000-1103 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2000-1103?

Check the references section above for vendor advisories and patch information. Affected products include: Bsdi Bsd Os.