CVE-2000-0867

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
14/11/2000
Last modified:
03/04/2025

Description

Kernel logging daemon (klogd) in Linux does not properly cleanse user-injected format strings, which allows local users to gain root privileges by triggering malformed kernel messages.

Vulnerable products and versions

CPE From Up to
cpe:2.3:o:debian:debian_linux:2.1:*:slink:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:2.2:*:potato:*:*:*:*:*
cpe:2.3:o:mandrakesoft:mandrake_linux:6.0:*:*:*:*:*:*:*
cpe:2.3:o:mandrakesoft:mandrake_linux:6.1:*:*:*:*:*:*:*
cpe:2.3:o:mandrakesoft:mandrake_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*
cpe:2.3:o:redhat:linux:5.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:linux:6.2:*:*:*:*:*:*:*
cpe:2.3:o:slackware:slackware_linux:*:*:*:*:*:*:*:*
cpe:2.3:o:trustix:secure_linux:1.1:*:*:*:*:*:*:*