Format String Vulnerability in EEPROM Program by OpenBSD and NetBSD
CVE-2000-0997

Currently unrated

Key Information:

Vendor: Netbsd
Status: Netbsd; OpenBSD
Vendor: CVE Published:; 19 December 2000

What is CVE-2000-0997?

The eeprom program in OpenBSD and NetBSD contains a format string vulnerability that can be exploited by local attackers to execute arbitrary code with elevated privileges. This flaw can lead to unauthorized root access when the program improperly handles format strings, posing significant security risks across systems utilizing these operating systems.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/5337

vdb-entryx_refsource_XF

ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.7/common/028_...

x_refsource_MISC

http://www.securityfocus.com/bid/1752

vdb-entryx_refsource_BID

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 19, 2000
Vulnerability Reserved
Nov 24, 2000

CVE-2000-0997 Data

JSON

Netbsd

What is CVE-2000-0997?

References

Timeline