CVE-2000-0118
First published: Wed Jun 09 1999(Updated: )
The Red Hat Linux su program does not log failed password guesses if the su process is killed before it times out, which allows local attackers to conduct brute force password guessing.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Red Hat Linux | =2.0 | |
| Red Hat Linux | =2.1 | |
| Red Hat Linux | =3.0.3 | |
| Red Hat Linux | =4.0 | |
| Red Hat Linux | =4.1 | |
| Red Hat Linux | =4.2 | |
| Red Hat Linux | =5.0 | |
| Red Hat Linux | =5.1 | |
| Red Hat Linux | =5.2 | |
| Red Hat Linux | =5.2 | |
| Red Hat Linux | =5.2 | |
| Red Hat Linux | =6.0 | |
| Red Hat Linux | =6.0 | |
| Red Hat Linux | =6.0 | |
| Red Hat Linux | =6.1 | |
| Red Hat Linux | =6.1 | |
| Red Hat Linux | =6.1 | |
| Oracle Solaris SPARC | ||
| Oracle Solaris SPARC | =1.1.3-u1 | |
| Oracle Solaris SPARC | =1.1.4 | |
| Oracle Solaris SPARC | =2.4 | |
| Sun SunOS | ||
| Sun SunOS | =4.1.3 | |
| Sun SunOS | =4.1.4 | |
| Sun SunOS | =5.0 | |
| Sun SunOS | =5.1 | |
| Sun SunOS | =5.2 | |
| Sun SunOS | =5.3 | |
| Sun SunOS | =5.4 | |
| Sun SunOS | =5.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2000-0118?
CVE-2000-0118 is considered a moderate severity vulnerability due to its potential for local attackers to conduct brute force attacks without being logged.
How do I fix CVE-2000-0118?
To fix CVE-2000-0118, users should update their Red Hat Linux environment to a version that addresses this vulnerability.
Which versions of Red Hat Linux are affected by CVE-2000-0118?
CVE-2000-0118 affects Red Hat Linux versions 2.0 through 6.1.
What kind of attacks does CVE-2000-0118 enable?
CVE-2000-0118 enables local attackers to perform brute force password guessing attacks without the risk of being logged.
Is CVE-2000-0118 applicable to Solaris systems?
CVE-2000-0118 is primarily associated with Red Hat Linux and does not specifically apply to Solaris systems.
- agent/type
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/weakness
- agent/references
- agent/description
- agent/last-modified-date
- agent/author
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- collector/nvd-historical
- collector/nvd-index
- vendor/redhat
- canonical/red hat linux
- version/red hat linux/2.0
- version/red hat linux/2.1
- version/red hat linux/3.0.3
- version/red hat linux/4.0
- version/red hat linux/4.1
- version/red hat linux/4.2
- version/red hat linux/5.0
- version/red hat linux/5.1
- version/red hat linux/5.2
- version/red hat linux/6.0
- version/red hat linux/6.1
- vendor/sun
- canonical/oracle solaris sparc
- version/oracle solaris sparc/1.1.3-u1
- version/oracle solaris sparc/1.1.4
- version/oracle solaris sparc/2.4
- canonical/sun sunos
- version/sun sunos/4.1.3
- version/sun sunos/4.1.4
- version/sun sunos/5.0
- version/sun sunos/5.1
- version/sun sunos/5.2
- version/sun sunos/5.3
- version/sun sunos/5.4
- version/sun sunos/5.5