CyberSec.Space Logo
CVEブラウザに戻る

CVE-2000-1010

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0310%
EPSS Percentile38.45th
Published2000年12月11日
Last Modified2026年4月16日

Vulnerability Description

Format string vulnerability in talkd in OpenBSD and possibly other BSD-based OSes allows remote attackers to execute arbitrary commands via a user name that contains format characters.

Affected Platforms (CPE)

💻
Openbsd

Openbsd

= 2.3
💻
Openbsd

Openbsd

= 2.4
💻
Openbsd

Openbsd

= 2.5
💻
Openbsd

Openbsd

= 2.6
💻
Openbsd

Openbsd

= 2.7
💻
Redhat

Linux

= 5.0
💻
Redhat

Linux

= 5.1
💻
Redhat

Linux

= 5.2
💻
Redhat

Linux

= 5.2
💻
Redhat

Linux

= 5.2

References & Advisories

🔗 http://www.securityfocus.com/archive/1/137890
🔗 http://www.securityfocus.com/bid/1764
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/5344
🔗 http://www.securityfocus.com/archive/1/137890
🔗 http://www.securityfocus.com/bid/1764
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/5344

関連する脆弱性情報

CVE-2000-099910.0

Format string vulnerabilities in OpenBSD ssh program (and possibly other BSD-based operating systems) allow attackers to gain root...

CVE-2001-028410.0

Buffer overflow in IPSEC authentication mechanism for OpenBSD 2.8 and earlier allows remote attackers to cause a denial of service...

CVE-1999-079810.0

Buffer overflow in bootpd on OpenBSD, FreeBSD, and Linux systems via a malformed header type.

CVE-2002-064010.0

Buffer overflow in sshd in OpenSSH 2.3.1 through 3.3 may allow remote attackers to execute arbitrary code via a large number of re...