CVE-2000-0973 - OpenCVE

Buffer overflow in curl earlier than 6.0-1.1, and curl-ssl earlier than 6.0-1.2, allows remote attackers to execute arbitrary commands by forcing a long error message to be generated.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:L/Au:N/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Daniel Stenberg	Curl

Configuration 1 [-]

OR	cpe:2.3:a:daniel_stenberg:curl:6.0:::::::*
	cpe:2.3:a:daniel_stenberg:curl:6.1:::::::*
	cpe:2.3:a:daniel_stenberg:curl:6.1beta:::::::*
	cpe:2.3:a:daniel_stenberg:curl:6.3:::::::*
	cpe:2.3:a:daniel_stenberg:curl:6.4:::::::*
	cpe:2.3:a:daniel_stenberg:curl:6.5:::::::*
	cpe:2.3:a:daniel_stenberg:curl:6.5.1:::::::*
	cpe:2.3:a:daniel_stenberg:curl:6.5.2:::::::*
	cpe:2.3:a:daniel_stenberg:curl:7.1:::::::*
	cpe:2.3:a:daniel_stenberg:curl:7.1.1:::::::*
	cpe:2.3:a:daniel_stenberg:curl:7.2:::::::*
	cpe:2.3:a:daniel_stenberg:curl:7.2.1:::::::*
	cpe:2.3:a:daniel_stenberg:curl:7.3:::::::*
	cpe:2.3:a:daniel_stenberg:curl:7.4:::::::*

No data.

References

Link	Providers
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:72.curl.asc
http://archives.neohapsis.com/archives/bugtraq/2000-10/0331.html
http://www.securityfocus.com/bid/1804
https://exchange.xforce.ibmcloud.com/vulnerabilities/5374
https://nvd.nist.gov/vuln/detail/CVE-2000-0973
https://www.cve.org/CVERecord?id=CVE-2000-0973

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2001-01-22T05:00:00

Updated: 2024-08-08T05:37:31.975Z

Reserved: 2000-11-24T00:00:00

Link: CVE-2000-0973

Vulnrichment

No data.

NVD

Status : Modified

Published: 2000-12-19T05:00:00.000

Modified: 2018-05-03T01:29:09.147

Link: CVE-2000-0973

Redhat

Severity :

Publid Date: 2000-10-13T00:00:00Z

Links: CVE-2000-0973 - Bugzilla

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2000-10-13T00:00:00", "descriptions": [{"lang": "en", "value": "Buffer overflow in curl earlier than 6.0-1.1, and curl-ssl earlier than 6.0-1.2, allows remote attackers to execute arbitrary commands by forcing a long error message to be generated."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2005-11-02T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "FreeBSD-SA-00:72", "tags": ["vendor-advisory", "x_refsource_FREEBSD"], "url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:72.curl.asc"}, {"name": "1804", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/1804"}, {"name": "curl-error-bo(5374)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5374"}, {"name": "RHBA-2000:092-01", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0331.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-0973", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Buffer overflow in curl earlier than 6.0-1.1, and curl-ssl earlier than 6.0-1.2, allows remote attackers to execute arbitrary commands by forcing a long error message to be generated."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "FreeBSD-SA-00:72", "refsource": "FREEBSD", "url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:72.curl.asc"}, {"name": "1804", "refsource": "BID", "url": "http://www.securityfocus.com/bid/1804"}, {"name": "curl-error-bo(5374)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5374"}, {"name": "RHBA-2000:092-01", "refsource": "REDHAT", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0331.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-08T05:37:31.975Z"}, "title": "CVE Program Container", "references": [{"name": "FreeBSD-SA-00:72", "tags": ["vendor-advisory", "x_refsource_FREEBSD", "x_transferred"], "url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:72.curl.asc"}, {"name": "1804", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/1804"}, {"name": "curl-error-bo(5374)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5374"}, {"name": "RHBA-2000:092-01", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0331.html"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-0973", "datePublished": "2001-01-22T05:00:00", "dateReserved": "2000-11-24T00:00:00", "dateUpdated": "2024-08-08T05:37:31.975Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:daniel_stenberg:curl:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "666F4E03-9AAF-4708-A8AA-C43AB80B57DE", "vulnerable": true}, {"criteria": "cpe:2.3:a:daniel_stenberg:curl:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "C0164C24-6535-4E3C-92F1-43BDF8594FD9", "vulnerable": true}, {"criteria": "cpe:2.3:a:daniel_stenberg:curl:6.1beta:*:*:*:*:*:*:*", "matchCriteriaId": "610B0EA6-4F36-4CE3-B5B2-72BF64EC8C5F", "vulnerable": true}, {"criteria": "cpe:2.3:a:daniel_stenberg:curl:6.3:*:*:*:*:*:*:*", "matchCriteriaId": "B174FCC4-C63A-4530-A871-6D438CD8849F", "vulnerable": true}, {"criteria": "cpe:2.3:a:daniel_stenberg:curl:6.4:*:*:*:*:*:*:*", "matchCriteriaId": "CE40B979-ED1F-40CF-9296-E673F19990EA", "vulnerable": true}, {"criteria": "cpe:2.3:a:daniel_stenberg:curl:6.5:*:*:*:*:*:*:*", "matchCriteriaId": "559792F4-B6FF-4A90-9D1A-BA73E0157FBF", "vulnerable": true}, {"criteria": "cpe:2.3:a:daniel_stenberg:curl:6.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "9E351F24-7E36-4D80-AC1D-C40C85611285", "vulnerable": true}, {"criteria": "cpe:2.3:a:daniel_stenberg:curl:6.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "2BFE1EAA-5E39-42FA-8F2E-097003C05B8D", "vulnerable": true}, {"criteria": "cpe:2.3:a:daniel_stenberg:curl:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "21AEE075-CEB9-4080-B417-E0285AD2CD26", "vulnerable": true}, {"criteria": "cpe:2.3:a:daniel_stenberg:curl:7.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "1EA5BC99-FA45-4860-B676-9C89BE882522", "vulnerable": true}, {"criteria": "cpe:2.3:a:daniel_stenberg:curl:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "69D07770-7E79-4B7C-AD6F-BB8ADDD9E270", "vulnerable": true}, {"criteria": "cpe:2.3:a:daniel_stenberg:curl:7.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "3B94C50A-E303-475B-9545-F038D8BAD2F0", "vulnerable": true}, {"criteria": "cpe:2.3:a:daniel_stenberg:curl:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "7B54972E-C1E0-4CAC-A567-5681B4BF3641", "vulnerable": true}, {"criteria": "cpe:2.3:a:daniel_stenberg:curl:7.4:*:*:*:*:*:*:*", "matchCriteriaId": "E7ABC917-EE6C-4C29-83AE-0414D605C85D", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Buffer overflow in curl earlier than 6.0-1.1, and curl-ssl earlier than 6.0-1.2, allows remote attackers to execute arbitrary commands by forcing a long error message to be generated."}], "id": "CVE-2000-0973", "lastModified": "2018-05-03T01:29:09.147", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2000-12-19T05:00:00.000", "references": [{"source": "cve@mitre.org", "url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:72.curl.asc"}, {"source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0331.html"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Patch", "Vendor Advisory"], "url": "http://www.securityfocus.com/bid/1804"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5374"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}