{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2000-07-16T00:00:00", "descriptions": [{"lang": "en", "value": "rpc.statd in the nfs-utils package in various Linux distributions does not properly cleanse untrusted format strings, which allows remote attackers to gain root privileges."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2004-09-02T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "RHSA-2000:043", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2000-043.html"}, {"name": "20000716 Lots and lots of fun with rpc.statd", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0206.html"}, {"name": "1480", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/1480"}, {"name": "20000717 CONECTIVA LINUX SECURITY ANNOUNCEMENT - nfs-utils", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0230.html"}, {"name": "20000718 Trustix Security Advisory - nfs-utils", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0236.html"}, {"name": "linux-rpcstatd-format-overwrite(4939)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4939"}, {"name": "CSSA-2000-025.0", "tags": ["vendor-advisory", "x_refsource_CALDERA"], "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-025.0.txt"}, {"name": "CA-2000-17", "tags": ["third-party-advisory", "x_refsource_CERT"], "url": "http://www.cert.org/advisories/CA-2000-17.html"}, {"name": "20000718 [Security Announce] MDKSA-2000:021 nfs-utils update", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0260.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-0666", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "rpc.statd in the nfs-utils package in various Linux distributions does not properly cleanse untrusted format strings, which allows remote attackers to gain root privileges."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "RHSA-2000:043", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2000-043.html"}, {"name": "20000716 Lots and lots of fun with rpc.statd", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0206.html"}, {"name": "1480", "refsource": "BID", "url": "http://www.securityfocus.com/bid/1480"}, {"name": "20000717 CONECTIVA LINUX SECURITY ANNOUNCEMENT - nfs-utils", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0230.html"}, {"name": "20000718 Trustix Security Advisory - nfs-utils", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0236.html"}, {"name": "linux-rpcstatd-format-overwrite(4939)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4939"}, {"name": "CSSA-2000-025.0", "refsource": "CALDERA", "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-025.0.txt"}, {"name": "CA-2000-17", "refsource": "CERT", "url": "http://www.cert.org/advisories/CA-2000-17.html"}, {"name": "20000718 [Security Announce] MDKSA-2000:021 nfs-utils update", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0260.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-08T05:28:40.705Z"}, "title": "CVE Program Container", "references": [{"name": "RHSA-2000:043", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://www.redhat.com/support/errata/RHSA-2000-043.html"}, {"name": "20000716 Lots and lots of fun with rpc.statd", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0206.html"}, {"name": "1480", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/1480"}, {"name": "20000717 CONECTIVA LINUX SECURITY ANNOUNCEMENT - nfs-utils", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0230.html"}, {"name": "20000718 Trustix Security Advisory - nfs-utils", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0236.html"}, {"name": "linux-rpcstatd-format-overwrite(4939)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4939"}, {"name": "CSSA-2000-025.0", "tags": ["vendor-advisory", "x_refsource_CALDERA", "x_transferred"], "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-025.0.txt"}, {"name": "CA-2000-17", "tags": ["third-party-advisory", "x_refsource_CERT", "x_transferred"], "url": "http://www.cert.org/advisories/CA-2000-17.html"}, {"name": "20000718 [Security Announce] MDKSA-2000:021 nfs-utils update", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0260.html"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-0666", "datePublished": "2000-10-13T04:00:00", "dateReserved": "2000-08-02T00:00:00", "dateUpdated": "2024-08-08T05:28:40.705Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:conectiva:linux:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "48F068BE-F5B3-4E43-8E6A-24AB4D2DEDF0", "vulnerable": true}, {"criteria": "cpe:2.3:o:conectiva:linux:4.0es:*:*:*:*:*:*:*", "matchCriteriaId": "6529EC98-7CF7-47A1-95BB-2F34066FE95D", "vulnerable": true}, {"criteria": "cpe:2.3:o:conectiva:linux:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "FFDAB801-AAA0-4B3B-B488-52E7BA8650C5", "vulnerable": true}, {"criteria": "cpe:2.3:o:conectiva:linux:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "612AC3B1-8E55-437F-9600-67EA1A8BAD48", "vulnerable": true}, {"criteria": "cpe:2.3:o:conectiva:linux:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "537A5C29-D770-4755-A6AB-8916754E14DB", "vulnerable": true}, {"criteria": "cpe:2.3:o:conectiva:linux:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "E3AC05A9-04DA-4ED3-94D8-3254384CB724", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "58B90124-0543-4226-BFF4-13CCCBCCB243", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:alpha:*:*:*:*:*", "matchCriteriaId": "CE1C944A-E5F1-49DE-B069-2A358123B535", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:powerpc:*:*:*:*:*", "matchCriteriaId": "2A32E486-2598-41B3-B6DB-3CC46D239AFC", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:sparc:*:*:*:*:*", "matchCriteriaId": "AAEE18D8-AA3B-47A3-AA7C-AAFF7591F391", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:2.3:*:*:*:*:*:*:*", "matchCriteriaId": "618111F3-6608-47F0-AB0D-21547E342871", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:2.3:*:alpha:*:*:*:*:*", "matchCriteriaId": "33E4AFED-E180-429F-AEAB-E9FC311319E5", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:2.3:*:powerpc:*:*:*:*:*", "matchCriteriaId": "FD8008FD-421F-4650-8C42-848B95689CF6", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:2.3:*:sparc:*:*:*:*:*", "matchCriteriaId": "1BAEA161-4A19-4B28-97D0-B741D2BBF7FF", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:linux:6.0:*:alpha:*:*:*:*:*", "matchCriteriaId": "6931FB54-A163-4CE3-BBD9-D345AA0977A6", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:linux:6.0:*:i386:*:*:*:*:*", "matchCriteriaId": "89F65C9D-BD68-4A86-BFDC-E7CE76F13948", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:linux:6.0:*:sparc:*:*:*:*:*", "matchCriteriaId": "5ABD1331-277C-4C31-8186-978243C62255", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:linux:6.1:*:alpha:*:*:*:*:*", "matchCriteriaId": "C89454B9-4F45-4A42-A06D-ED42D893C544", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:linux:6.1:*:i386:*:*:*:*:*", "matchCriteriaId": "B72D6205-DFA4-41D9-B3B6-0B7DA756CD8F", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:linux:6.1:*:sparc:*:*:*:*:*", "matchCriteriaId": "1E64093E-7D53-4238-95C3-48ED5A0FFD97", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:linux:6.2:*:alpha:*:*:*:*:*", "matchCriteriaId": "344610A8-DB6D-4407-9304-916C419F648C", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:linux:6.2:*:i386:*:*:*:*:*", "matchCriteriaId": "B7EC2B95-4715-4EC9-A10A-2542501F8A61", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:linux:6.2:*:sparc:*:*:*:*:*", "matchCriteriaId": "64775BEF-2E53-43CA-8639-A7E54F6F4222", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:suse_linux:6.3:*:*:*:*:*:*:*", "matchCriteriaId": "0AD0FF64-05DF-48C2-9BB5-FD993121FB2E", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:suse_linux:6.3:*:ppc:*:*:*:*:*", "matchCriteriaId": "E74E0A28-7C78-4160-8BCF-99605285C0EE", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:suse_linux:6.3:alpha:*:*:*:*:*:*", "matchCriteriaId": "76159C25-0760-47CB-AFCE-28306CDEA830", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:suse_linux:6.4:*:*:*:*:*:*:*", "matchCriteriaId": "7786607A-362E-4817-A17E-C76D6A1F737D", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:suse_linux:6.4:*:ppc:*:*:*:*:*", "matchCriteriaId": "6E2FE291-1142-4627-A497-C0BB0D934A0B", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:suse_linux:6.4:alpha:*:*:*:*:*:*", "matchCriteriaId": "49BC7C7E-046C-4186-822E-9F3A2AD3577B", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "C9E7D75A-333E-4C63-9593-F64ABA5D1CE3", "vulnerable": true}, {"criteria": "cpe:2.3:o:trustix:secure_linux:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "8DF1A678-FEF1-4549-8EDC-518444CFC57F", "vulnerable": true}, {"criteria": "cpe:2.3:o:trustix:secure_linux:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "9D0DFB12-B43F-4207-A900-464A97F5124D", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "rpc.statd in the nfs-utils package in various Linux distributions does not properly cleanse untrusted format strings, which allows remote attackers to gain root privileges."}], "id": "CVE-2000-0666", "lastModified": "2025-04-03T01:03:51.193", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2000-07-16T04:00:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Patch", "Vendor Advisory"], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0206.html"}, {"source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0230.html"}, {"source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0236.html"}, {"source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0260.html"}, {"source": "cve@mitre.org", "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-025.0.txt"}, {"source": "cve@mitre.org", "tags": ["US Government Resource"], "url": "http://www.cert.org/advisories/CA-2000-17.html"}, {"source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2000-043.html"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Patch", "Vendor Advisory"], "url": "http://www.securityfocus.com/bid/1480"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4939"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Patch", "Vendor Advisory"], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0206.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0230.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0236.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0260.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-025.0.txt"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["US Government Resource"], "url": "http://www.cert.org/advisories/CA-2000-17.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2000-043.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Patch", "Vendor Advisory"], "url": "http://www.securityfocus.com/bid/1480"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4939"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "security flaw", "id": "1616499", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1616499"}, "csaw": false, "details": ["rpc.statd in the nfs-utils package in various Linux distributions does not properly cleanse untrusted format strings, which allows remote attackers to gain root privileges."], "name": "CVE-2000-0666", "public_date": "2000-07-16T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2000-0666\nhttps://nvd.nist.gov/vuln/detail/CVE-2000-0666"], "statement": "This issue was fixed in the following products:\n- Red Hat Linux 6.0 - RHSA-2000:043 (2000-07-17)\n- Red Hat Linux 6.1 - RHSA-2000:043 (2000-07-17)\n- Red Hat Linux 6.2 - RHSA-2000:043 (2000-07-17)"}