Local Privilege Escalation in Mailman by Third-Party Users
CVE-2000-0701

Currently unrated

Key Information:

Vendor: Gnu
Status: Mailman; Linux
Vendor: CVE Published:; 20 October 2000

What is CVE-2000-0701?

The Mailman wrapper program in versions 2.0beta3 and 2.0beta4 fails to properly sanitize untrusted format strings, potentially allowing local users to execute arbitrary commands with elevated privileges and compromise system security. Adequate input validation checks are essential to mitigate such risks.

References

http://www.securityfocus.com/archive/1/73220

mailing-listx_refsource_BUGTRAQ

http://www.redhat.com/support/errata/RHSA-2000-030.html

vendor-advisoryx_refsource_REDHAT

http://archives.neohapsis.com/archives/bugtraq/2000-07/04...

mailing-listx_refsource_BUGTRAQ

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 20, 2000
Vulnerability Reserved
Sep 19, 2000

Gnu

What is CVE-2000-0701?

References

Timeline