CVE-2000-0994

EPSS 1.4%

Format string vulnerability in OpenBSD fstat program (and possibly other BSD-based operating systems) allows local users to gain root privileges via the PWD environmental variable.

Affected products

n/a · n/a

public PoCs found — 1

exploitdbwww.exploit-db.com/exploits/20256unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.7/common/028_format_strings.patch http://marc.info/?l=bugtraq&m=97068555106135&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/5338 http://www.securityfocus.com/bid/1746