CVE-2000-0566

makewhatis in Linux man package allows local users to overwrite files via a symlink attack.

Score7.2
Access VectorLOCAL
Access ComplexityLOW
AuthenticationNONE
Confidentiality ImpactCOMPLETE
Integrity ImpactCOMPLETE
Availability ImpactCOMPLETE
Published2000-07-03 12:00:00.000-04
Last Modified2018-05-02 09:29:07.000-04

Vulnerable Software List

VendorProductVersions
Caldera Openlinux 2.3, 2.4
Redhat Linux 5.2::alpha, 5.2::i386, 5.2::sparc, 6.0::alpha, 6.0::i386, 6.0::sparc, 6.1::alpha, 6.1::i386, 6.1::sparc, 6.2:
Mandrakesoft Mandrake Linux 6.0, 6.1, 7.0, 7.1

References

SourceLink
CALDERACSSA-2000-021.0
BUGTRAQ20000727 CONECTIVA LINUX SECURITY ANNOUNCEMENT - MAN
MANDRAKEMDKSA-2000:015
REDHATRHSA-2000:041
BID1434
XFlinux-man-makewhatis-tmp(4900)