CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2000-0506

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0160%
EPSS Percentile14.09th
Published2000年6月9日
Last Modified2026年4月16日

Vulnerability Description

The "capabilities" feature in Linux before 2.2.16 allows local users to cause a denial of service or gain privileges by setting the capabilities to prevent a setuid program from dropping privileges, aka the "Linux kernel setuid/setcap vulnerability."

Affected Platforms (CPE)

💻
Linux

Linux Kernel

= 2.0
💻
Linux

Linux Kernel

= 2.0.30
💻
Linux

Linux Kernel

= 2.0.33
💻
Linux

Linux Kernel

= 2.0.34
💻
Linux

Linux Kernel

= 2.0.35
💻
Linux

Linux Kernel

= 2.0.36
💻
Linux

Linux Kernel

= 2.0.37
💻
Linux

Linux Kernel

= 2.0.38
💻
Linux

Linux Kernel

= 2.1
💻
Linux

Linux Kernel

= 2.2.0
💻
Linux

Linux Kernel

= 2.2.10
💻
Linux

Linux Kernel

= 2.2.12
💻
Linux

Linux Kernel

= 2.2.13
💻
Linux

Linux Kernel

= 2.2.14
💻
Linux

Linux Kernel

= 2.2.15
💻
Linux

Linux Kernel

= 2.2.15
💻
Linux

Linux Kernel

= 2.2.15_pre20
💻
Linux

Linux Kernel

= 2.2.16
💻
Linux

Linux Kernel

= 2.2.16

References & Advisories

🔗 ftp://sgigate.sgi.com/security/20000802-01-P
🔗 http://archives.neohapsis.com/archives/bugtraq/2000-06/0062.html
🔗 http://archives.neohapsis.com/archives/bugtraq/2000-06/0063.html
🔗 http://www.redhat.com/support/errata/RHSA-2000-037.html
🔗 http://www.securityfocus.com/bid/1322
🔗 http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.LNX.4.21.0006090852340.3475-300000%40alfa.elzabsoft.pl
🔗 ftp://sgigate.sgi.com/security/20000802-01-P
🔗 http://archives.neohapsis.com/archives/bugtraq/2000-06/0062.html

相關漏洞威脅

CVE-2002-157210.0

Signed integer overflow in the bttv_read function in the bttv driver (bttv-driver.c) in Linux kernel before 2.4.20 has unknown imp...

CVE-2002-157310.0

Unspecified vulnerability in the pcilynx ieee1394 firewire driver (pcilynx.c) in Linux kernel before 2.4.20 has unknown impact and...

CVE-2000-074710.0

The logrotate script for OpenLDAP before 1.2.11 in Conectiva Linux sends an improper signal to the kernel log daemon (klogd) and k...

CVE-2003-024810.0

The mxcsr code in Linux kernel 2.4 allows attackers to modify CPU state registers via a malformed address.