CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 3CVE-2000-0763 – David Bagley xlock 4.16 - User Supplied Format String
https://notcve.org/view.php?id=CVE-2000-0763
xlockmore and xlockf do not properly cleanse user-injected format strings, which allows local users to gain root privileges via the -d option. • https://www.exploit-db.com/exploits/20154 https://www.exploit-db.com/exploits/20153 http://archives.neohapsis.com/archives/bugtraq/2000-08/0212.html http://archives.neohapsis.com/archives/bugtraq/2000-08/0294.html http://archives.neohapsis.com/archives/freebsd/2000-08/0340.html http://www.debian.org/security/2000/20000816 http://www.securityfocus.com/bid/1585 http://www.securityfocus.com/templates/archive.pike?list=1&msg=20000815231724.A14694%40subterrain.net •
CVSS: 2.1EPSS: 0%CPEs: 1EXPL: 0CVE-2000-0455
https://notcve.org/view.php?id=CVE-2000-0455
Buffer overflow in xlockmore xlock program version 4.16 and earlier allows local users to read sensitive data from memory via a long -mode option. • ftp://ftp.netbsd.org/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-003.txt.asc http://archives.neohapsis.com/archives/bugtraq/2000-05/0375.html http://www.nai.com/nai_labs/asp_set/advisory/41initialized.asp http://www.securityfocus.com/bid/1267 •