{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2000-09-04T00:00:00", "descriptions": [{"lang": "en", "value": "Some functions that implement the locale subsystem on Unix do not  properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2004-09-02T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "RHSA-2000:057", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2000-057.html"}, {"name": "20000906 glibc locale security problem", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://www.novell.com/linux/security/advisories/adv5_draht_glibc_txt.html"}, {"name": "20000902 Conectiva Linux Security Announcement - glibc", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0436.html"}, {"name": "SSRT0689U", "tags": ["vendor-advisory", "x_refsource_COMPAQ"], "url": "http://archives.neohapsis.com/archives/tru64/2000-q4/0000.html"}, {"name": "TLSA2000020-1", "tags": ["vendor-advisory", "x_refsource_TURBO"], "url": "http://www.turbolinux.com/pipermail/tl-security-announce/2000-September/000020.html"}, {"name": "20000902 glibc: local root exploit", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2000/20000902"}, {"name": "20000904 UNIX locale format string vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0457.html"}, {"name": "IY13753", "tags": ["vendor-advisory", "x_refsource_AIXAPAR"], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0427.html"}, {"name": "1634", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/1634"}, {"name": "CSSA-2000-030.0", "tags": ["vendor-advisory", "x_refsource_CALDERA"], "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-030.0.txt"}, {"name": "unix-locale-format-string(5176)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5176"}, {"name": "20000901-01-P", "tags": ["vendor-advisory", "x_refsource_SGI"], "url": "ftp://patches.sgi.com/support/free/security/advisories/20000901-01-P"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-0844", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Some functions that implement the locale subsystem on Unix do not  properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "RHSA-2000:057", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2000-057.html"}, {"name": "20000906 glibc locale security problem", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/adv5_draht_glibc_txt.html"}, {"name": "20000902 Conectiva Linux Security Announcement - glibc", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0436.html"}, {"name": "SSRT0689U", "refsource": "COMPAQ", "url": "http://archives.neohapsis.com/archives/tru64/2000-q4/0000.html"}, {"name": "TLSA2000020-1", "refsource": "TURBO", "url": "http://www.turbolinux.com/pipermail/tl-security-announce/2000-September/000020.html"}, {"name": "20000902 glibc: local root exploit", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2000/20000902"}, {"name": "20000904 UNIX locale format string vulnerability", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0457.html"}, {"name": "IY13753", "refsource": "AIXAPAR", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0427.html"}, {"name": "1634", "refsource": "BID", "url": "http://www.securityfocus.com/bid/1634"}, {"name": "CSSA-2000-030.0", "refsource": "CALDERA", "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-030.0.txt"}, {"name": "unix-locale-format-string(5176)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5176"}, {"name": "20000901-01-P", "refsource": "SGI", "url": "ftp://patches.sgi.com/support/free/security/advisories/20000901-01-P"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-08T05:37:30.623Z"}, "title": "CVE Program Container", "references": [{"name": "RHSA-2000:057", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://www.redhat.com/support/errata/RHSA-2000-057.html"}, {"name": "20000906 glibc locale security problem", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://www.novell.com/linux/security/advisories/adv5_draht_glibc_txt.html"}, {"name": "20000902 Conectiva Linux Security Announcement - glibc", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0436.html"}, {"name": "SSRT0689U", "tags": ["vendor-advisory", "x_refsource_COMPAQ", "x_transferred"], "url": "http://archives.neohapsis.com/archives/tru64/2000-q4/0000.html"}, {"name": "TLSA2000020-1", "tags": ["vendor-advisory", "x_refsource_TURBO", "x_transferred"], "url": "http://www.turbolinux.com/pipermail/tl-security-announce/2000-September/000020.html"}, {"name": "20000902 glibc: local root exploit", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2000/20000902"}, {"name": "20000904 UNIX locale format string vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0457.html"}, {"name": "IY13753", "tags": ["vendor-advisory", "x_refsource_AIXAPAR", "x_transferred"], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0427.html"}, {"name": "1634", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/1634"}, {"name": "CSSA-2000-030.0", "tags": ["vendor-advisory", "x_refsource_CALDERA", "x_transferred"], "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-030.0.txt"}, {"name": "unix-locale-format-string(5176)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5176"}, {"name": "20000901-01-P", "tags": ["vendor-advisory", "x_refsource_SGI", "x_transferred"], "url": "ftp://patches.sgi.com/support/free/security/advisories/20000901-01-P"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-0844", "datePublished": "2001-01-22T05:00:00", "dateReserved": "2000-10-18T00:00:00", "dateUpdated": "2024-08-08T05:37:30.623Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:caldera:openlinux_ebuilder:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "E02719FF-924A-4E96-AE1D-5994A8D4275E", "vulnerable": true}, {"criteria": "cpe:2.3:a:immunix:immunix:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "DB0F79BE-8EBF-44D8-83A1-9331669BED54", "vulnerable": true}, {"criteria": "cpe:2.3:o:conectiva:linux:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "48F068BE-F5B3-4E43-8E6A-24AB4D2DEDF0", "vulnerable": true}, {"criteria": "cpe:2.3:o:conectiva:linux:4.0es:*:*:*:*:*:*:*", "matchCriteriaId": "6529EC98-7CF7-47A1-95BB-2F34066FE95D", "vulnerable": true}, {"criteria": "cpe:2.3:o:conectiva:linux:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "FFDAB801-AAA0-4B3B-B488-52E7BA8650C5", "vulnerable": true}, {"criteria": "cpe:2.3:o:conectiva:linux:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "612AC3B1-8E55-437F-9600-67EA1A8BAD48", "vulnerable": true}, {"criteria": "cpe:2.3:o:conectiva:linux:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "537A5C29-D770-4755-A6AB-8916754E14DB", "vulnerable": true}, {"criteria": "cpe:2.3:o:conectiva:linux:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "E3AC05A9-04DA-4ED3-94D8-3254384CB724", "vulnerable": true}, {"criteria": "cpe:2.3:o:sgi:irix:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "0ECE564D-B4BB-4C05-88CC-CDC3F8E4E366", "vulnerable": true}, {"criteria": "cpe:2.3:o:sgi:irix:6.3:*:*:*:*:*:*:*", "matchCriteriaId": "B2D59247-56FA-46B4-BB51-2DAE71AFC145", "vulnerable": true}, {"criteria": "cpe:2.3:o:sgi:irix:6.4:*:*:*:*:*:*:*", "matchCriteriaId": "15BE08F8-5F3F-45DB-BFE0-1F6F2F57A4D4", "vulnerable": true}, {"criteria": "cpe:2.3:o:sgi:irix:6.5:*:*:*:*:*:*:*", "matchCriteriaId": "C30D6962-3DBB-4DF8-A04F-8E47AFEDCF99", "vulnerable": true}, {"criteria": "cpe:2.3:o:sgi:irix:6.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "36B60E50-4F5A-4404-BEA3-C94F7D27B156", "vulnerable": true}, {"criteria": "cpe:2.3:o:sgi:irix:6.5.2m:*:*:*:*:*:*:*", "matchCriteriaId": "772E3C7E-9947-414F-8642-18653BB048E0", "vulnerable": true}, {"criteria": "cpe:2.3:o:sgi:irix:6.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "E6B2E6D1-8C2D-4E15-A6BB-E4FE878ED1E7", "vulnerable": true}, {"criteria": "cpe:2.3:o:sgi:irix:6.5.3f:*:*:*:*:*:*:*", "matchCriteriaId": "8D51EC29-8836-4F87-ABF8-FF7530DECBB1", "vulnerable": true}, {"criteria": "cpe:2.3:o:sgi:irix:6.5.3m:*:*:*:*:*:*:*", "matchCriteriaId": "518B7253-7B0F-4A0A-ADA7-F3E3B5AAF877", "vulnerable": true}, {"criteria": "cpe:2.3:o:sgi:irix:6.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "440B7208-34DB-4898-8461-4E703F7EDFB7", "vulnerable": true}, {"criteria": "cpe:2.3:o:sgi:irix:6.5.6:*:*:*:*:*:*:*", "matchCriteriaId": "D07AA144-6FD7-4C80-B4F2-D21C1AFC864A", "vulnerable": true}, {"criteria": "cpe:2.3:o:sgi:irix:6.5.7:*:*:*:*:*:*:*", "matchCriteriaId": "29113D8E-9618-4A0E-9157-678332082858", "vulnerable": true}, {"criteria": "cpe:2.3:o:sgi:irix:6.5.8:*:*:*:*:*:*:*", "matchCriteriaId": "313613E9-4837-433C-90EE-84A92E8D24E5", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:caldera:openlinux:*:*:*:*:*:*:*:*", "matchCriteriaId": "4EC3F7E5-5D49-471B-A705-ADD2642E5B46", "vulnerable": true}, {"criteria": "cpe:2.3:o:caldera:openlinux_eserver:2.3:*:*:*:*:*:*:*", "matchCriteriaId": "3BE526D3-4CD8-423C-81FA-65B92F862A5E", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "203BDD63-2FA5-42FD-A9CD-6BDBB41A63C4", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "3C67BDA1-9451-4026-AC6D-E912C882A757", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "58B90124-0543-4226-BFF4-13CCCBCCB243", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:2.3:*:*:*:*:*:*:*", "matchCriteriaId": "618111F3-6608-47F0-AB0D-21547E342871", "vulnerable": true}, {"criteria": "cpe:2.3:o:ibm:aix:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "DD5E0678-45C7-492A-963C-897494D6878F", "vulnerable": true}, {"criteria": "cpe:2.3:o:ibm:aix:3.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "E55C28A7-CD21-47CD-AA50-E8B2D89A18E8", "vulnerable": true}, {"criteria": "cpe:2.3:o:ibm:aix:3.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "D3C00FC9-AD97-4226-A0EA-7DB14AA592DE", "vulnerable": true}, {"criteria": "cpe:2.3:o:ibm:aix:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "44C6203A-D05B-47B1-8BC2-BA021EBAFDEB", "vulnerable": true}, {"criteria": "cpe:2.3:o:ibm:aix:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "FBF25306-E7C2-4F9A-A809-4779A6C0A079", "vulnerable": true}, {"criteria": "cpe:2.3:o:ibm:aix:4.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "B3BA7775-30F2-4CA0-BA6E-70ED12A48D90", "vulnerable": true}, {"criteria": "cpe:2.3:o:ibm:aix:4.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "FB038A89-1CA6-4313-B7CE-56C894945FFD", "vulnerable": true}, {"criteria": "cpe:2.3:o:ibm:aix:4.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "2B3BC86F-5718-4232-BFFF-6244A7C09B8F", "vulnerable": true}, {"criteria": "cpe:2.3:o:ibm:aix:4.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "E6118CC1-6E51-4E1B-8F58-43B337515222", "vulnerable": true}, {"criteria": "cpe:2.3:o:ibm:aix:4.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "F3D3B348-270F-4209-B31A-2B40F5E4A601", "vulnerable": true}, {"criteria": "cpe:2.3:o:ibm:aix:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "05F20EC2-ADE6-4F96-A2E7-1DCCA819D657", "vulnerable": true}, {"criteria": "cpe:2.3:o:ibm:aix:4.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "91D7C561-4D23-430B-A7D8-137E52B08FF5", "vulnerable": true}, {"criteria": "cpe:2.3:o:ibm:aix:4.3:*:*:*:*:*:*:*", "matchCriteriaId": "11ACD012-F05F-45CD-A170-96CBAA42FFE4", "vulnerable": true}, {"criteria": "cpe:2.3:o:ibm:aix:4.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "55919E74-09E7-44BA-9941-D1B69BB1692F", "vulnerable": true}, {"criteria": "cpe:2.3:o:ibm:aix:4.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "45F3C5D8-8BC3-44EB-917A-D0BA051D3D9D", "vulnerable": true}, {"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "E4853E92-5E0A-47B9-A343-D5BEE87D2C27", "vulnerable": true}, {"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "3EC1FF5D-5EAB-44D5-B281-770547C70D68", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:linux:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "4BF54738-3C44-4FD4-AA9C-CAB2E86B1DC1", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:linux:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "4EF44364-0F57-4B74-81B0-501EA6B58501", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:linux:5.2:*:*:*:*:*:*:*", "matchCriteriaId": "A8EED385-8C39-4A40-A507-2EFE7652FB35", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "2DFA94D5-0139-490C-8257-0751FE9FBAE4", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:linux:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "2EC4D3AB-38FA-4D44-AF5C-2DCD15994E76", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:linux:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "0633B5A6-7A88-4A96-9462-4C09D124ED36", "vulnerable": true}, {"criteria": "cpe:2.3:o:slackware:slackware_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "C2A9C005-4392-4C95-9B92-98EEC73EFE73", "vulnerable": true}, {"criteria": "cpe:2.3:o:slackware:slackware_linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "F0297F56-5F41-48FD-AB47-36E3BD2AB7E7", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:solaris:2.6:*:*:*:*:*:*:*", "matchCriteriaId": "34EBF074-78C8-41AF-88F1-DA6726E56F8B", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:sunos:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "C1370216-93EB-400F-9AA6-CB2DC316DAA7", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:sunos:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "5FF2C7C4-6F8D-40DB-9FBC-E7E4D76A2B23", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:sunos:5.2:*:*:*:*:*:*:*", "matchCriteriaId": "84523B48-218B-45F4-9C04-2C103612DCB2", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:sunos:5.3:*:*:*:*:*:*:*", "matchCriteriaId": "C7A22D21-E0A9-4B56-86C7-805AD1A610D6", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:sunos:5.4:*:*:*:*:*:*:*", "matchCriteriaId": "7AAC8954-74A8-4FE3-ABE7-57DA041D9D8F", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:sunos:5.5:*:*:*:*:*:*:*", "matchCriteriaId": "5B72953B-E873-4E44-A3CF-12D770A0D416", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:sunos:5.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "39F847DB-65A9-47DA-BCFA-A179E5E2301A", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*", "matchCriteriaId": "08003947-A4F1-44AC-84C6-9F8D097EB759", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*", "matchCriteriaId": "A2475113-CFE4-41C8-A86F-F2DA6548D224", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:suse_linux:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "124E1802-7984-45ED-8A92-393FC20662FD", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:suse_linux:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "1B67020A-6942-4478-B501-764147C4970D", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:suse_linux:6.3:*:*:*:*:*:*:*", "matchCriteriaId": "0AD0FF64-05DF-48C2-9BB5-FD993121FB2E", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:suse_linux:6.4:*:*:*:*:*:*:*", "matchCriteriaId": "7786607A-362E-4817-A17E-C76D6A1F737D", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "C9E7D75A-333E-4C63-9593-F64ABA5D1CE3", "vulnerable": true}, {"criteria": "cpe:2.3:o:trustix:secure_linux:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "8DF1A678-FEF1-4549-8EDC-518444CFC57F", "vulnerable": true}, {"criteria": "cpe:2.3:o:trustix:secure_linux:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "9D0DFB12-B43F-4207-A900-464A97F5124D", "vulnerable": true}, {"criteria": "cpe:2.3:o:turbolinux:turbolinux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "981A0654-C17D-48BB-A8B3-A728CB159C33", "vulnerable": true}, {"criteria": "cpe:2.3:o:turbolinux:turbolinux:6.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "2AA8956D-F533-42BA-A06B-7CDB0A267B2F", "vulnerable": true}, {"criteria": "cpe:2.3:o:turbolinux:turbolinux:6.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "C6619B49-8A89-4600-A47F-A39C8BF54259", "vulnerable": true}, {"criteria": "cpe:2.3:o:turbolinux:turbolinux:6.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "A0AA1204-D181-4E1C-B795-159FC57E86A9", "vulnerable": true}, {"criteria": "cpe:2.3:o:turbolinux:turbolinux:6.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "24740C11-59D0-4071-97BD-8BF7084FC1FC", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Some functions that implement the locale subsystem on Unix do not  properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen."}], "id": "CVE-2000-0844", "lastModified": "2025-04-03T01:03:51.193", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2000-11-14T05:00:00.000", "references": [{"source": "cve@mitre.org", "url": "ftp://patches.sgi.com/support/free/security/advisories/20000901-01-P"}, {"source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0436.html"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Patch", "Vendor Advisory"], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0457.html"}, {"source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0427.html"}, {"source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/tru64/2000-q4/0000.html"}, {"source": "cve@mitre.org", "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-030.0.txt"}, {"source": "cve@mitre.org", "url": "http://www.debian.org/security/2000/20000902"}, {"source": "cve@mitre.org", "url": "http://www.novell.com/linux/security/advisories/adv5_draht_glibc_txt.html"}, {"source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2000-057.html"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Patch", "Vendor Advisory"], "url": "http://www.securityfocus.com/bid/1634"}, {"source": "cve@mitre.org", "url": "http://www.turbolinux.com/pipermail/tl-security-announce/2000-September/000020.html"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5176"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20000901-01-P"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0436.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Patch", "Vendor Advisory"], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0457.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0427.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/tru64/2000-q4/0000.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-030.0.txt"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2000/20000902"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.novell.com/linux/security/advisories/adv5_draht_glibc_txt.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2000-057.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Patch", "Vendor Advisory"], "url": "http://www.securityfocus.com/bid/1634"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.turbolinux.com/pipermail/tl-security-announce/2000-September/000020.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5176"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "security flaw", "id": "1616517", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1616517"}, "csaw": false, "details": ["Some functions that implement the locale subsystem on Unix do not  properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen."], "name": "CVE-2000-0844", "public_date": "2000-09-04T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2000-0844\nhttps://nvd.nist.gov/vuln/detail/CVE-2000-0844"], "statement": "This issue was fixed in the following products:\n- Red Hat Linux 5.0 - RHSA-2000:057 (2000-09-01)\n- Red Hat Linux 5.1 - RHSA-2000:057 (2000-09-01)\n- Red Hat Linux 5.2 - RHSA-2000:057 (2000-09-01)\n- Red Hat Linux 6.0 - RHSA-2000:057 (2000-09-01)\n- Red Hat Linux 6.1 - RHSA-2000:057 (2000-09-01)\n- Red Hat Linux 6.2 - RHSA-2000:057 (2000-09-01)"}