Vulnerability Report

CVE-2000-0844

Title: Locale subsystem format-string handling allows command execution

Remote/Local code execution

Proof Of Concept

PoC Available for CVE-2000-0844

CWE Category CWE-264

Published Date Nov 14, 2000

Modified Date Apr 03, 2025

Exploit Status Available

Score 10.0 CVSS v2.0

Exploit Probability (EPSS)

0.81%

Vulnerability Summary

CVE-2000-0844: Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.

Impacted Vendors

caldera 1

immunix 1

Reference Links

ftp://patches.sgi.com/support/free/security/advisories/20000901-01-P http://archives.neohapsis.com/archives/bugtraq/2000-08/0436.html http://archives.neohapsis.com/archives/bugtraq/2000-08/0457.html http://archives.neohapsis.com/archives/bugtraq/2000-10/0427.html http://archives.neohapsis.com/archives/tru64/2000-q4/0000.html http://www.calderasystems.com/support/security/advisories/CSSA-2000-030.0.txt http://www.debian.org/security/2000/20000902 http://www.novell.com/linux/security/advisories/adv5_draht_glibc_txt.html http://www.redhat.com/support/errata/RHSA-2000-057.html http://www.securityfocus.com/bid/1634 http://www.turbolinux.com/pipermail/tl-security-announce/2000-September/000020.html https://exchange.xforce.ibmcloud.com/vulnerabilities/5176 ftp://patches.sgi.com/support/free/security/advisories/20000901-01-P http://archives.neohapsis.com/archives/bugtraq/2000-08/0436.html http://archives.neohapsis.com/archives/bugtraq/2000-08/0457.html http://archives.neohapsis.com/archives/bugtraq/2000-10/0427.html http://archives.neohapsis.com/archives/tru64/2000-q4/0000.html http://www.calderasystems.com/support/security/advisories/CSSA-2000-030.0.txt http://www.debian.org/security/2000/20000902 http://www.novell.com/linux/security/advisories/adv5_draht_glibc_txt.html http://www.redhat.com/support/errata/RHSA-2000-057.html http://www.securityfocus.com/bid/1634 http://www.turbolinux.com/pipermail/tl-security-announce/2000-September/000020.html https://exchange.xforce.ibmcloud.com/vulnerabilities/5176

CVSS v2.0

Source Entity [email protected]

Severity HIGH

10.0

Access Vector

N/A

Authentication

N/A

RAW VECTOR AV:N/AC:L/Au:N/C:C/I:C/A:C

Associated Attack Patterns (CAPEC)

Total: Patterns

CVE-2000-0844 Exploits & PoCs (Proof Of Concept)

Exploit-DB https://www.exploit-db.com/exploits/20187

View Code

Exploit-DB https://www.exploit-db.com/exploits/209

View Code

Exploit-DB https://www.exploit-db.com/exploits/215

View Code

Exploit-DB https://www.exploit-db.com/exploits/249

View Code

Exploit-DB https://www.exploit-db.com/exploits/20185

View Code

Exploit-DB https://www.exploit-db.com/exploits/20188

View Code

Exploit-DB https://www.exploit-db.com/exploits/210

View Code

Exploit-DB https://www.exploit-db.com/exploits/20186

View Code

Exploit-DB https://www.exploit-db.com/exploits/197

View Code

Exploit-DB https://www.exploit-db.com/exploits/20189

View Code

Exploit-DB https://www.exploit-db.com/exploits/20190

View Code

April 03, 2025 MODIFIED

Vulnerability data or affected products updated.

November 14, 2000 PUBLISHED

Vulnerability first announced in NVD.

Attack Vector Matrix

Access Vector N/A

Complexity N/A

Privileges N/A

Interaction NONE

CVSS Vector String


                                    AV:N/AC:L/Au:N/C:C/I:C/A:C

Affected Stack

No specific products linked.