CVSS: 7.2EPSS: 0%CPEs: 13EXPL: 2CVE-2000-0993 – BSD chpass - 'pw_error' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2000-0993
Format string vulnerability in pw_error function in BSD libutil library allows local users to gain root privileges via a malformed password in commands such as chpass or passwd. • https://www.exploit-db.com/exploits/243 ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:58.chpass.asc ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-015.txt.asc http://marc.info/?l=bugtraq&m=97068555106135&w=2 http://www.openbsd.org/errata27.html#pw_error http://www.securityfocus.com/bid/1744 https://exchange.xforce.ibmcloud.com/vulnerabilities/5339 •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2000-0915
https://notcve.org/view.php?id=CVE-2000-0915
fingerd in FreeBSD 4.1.1 allows remote attackers to read arbitrary files by specifying the target file name instead of a regular user name. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:54.fingerd.asc http://archives.neohapsis.com/archives/bugtraq/2000-10/0017.html http://www.osvdb.org/433 http://www.securityfocus.com/bid/1803 https://exchange.xforce.ibmcloud.com/vulnerabilities/5385 •
CVSS: 7.2EPSS: 0%CPEs: 12EXPL: 0CVE-2000-1011
https://notcve.org/view.php?id=CVE-2000-1011
Buffer overflow in catopen() function in FreeBSD 5.0 and earlier, and possibly other OSes, allows local users to gain root privileges via a long environmental variable. • ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:53.catopen.asc http://www.osvdb.org/6070 https://exchange.xforce.ibmcloud.com/vulnerabilities/5638 •
CVSS: 7.2EPSS: 0%CPEs: 12EXPL: 0CVE-2000-1013
https://notcve.org/view.php?id=CVE-2000-1013
The setlocale function in FreeBSD 5.0 and earlier, and possibly other OSes, allows local users to read arbitrary files via the LANG environmental variable. • ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:53.catopen.asc •
CVSS: 7.2EPSS: 0%CPEs: 13EXPL: 1CVE-2000-0963
https://notcve.org/view.php?id=CVE-2000-0963
Buffer overflow in ncurses library allows local users to execute arbitrary commands via long environmental information such as TERM or TERMINFO_DIRS. • http://www.calderasystems.com/support/security/advisories/CSSA-2000-036.0.txt http://www.securityfocus.com/archive/1/138550 http://www.securityfocus.com/bid/1142 https://exchange.xforce.ibmcloud.com/vulnerabilities/44487 •