CVE-2000-1009
First published: Wed Nov 29 2000(Updated: )
dump in Red Hat Linux 6.2 trusts the pathname specified by the RSH environmental variable, which allows local users to obtain root privileges by modifying the RSH variable to point to a Trojan horse program.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Trustix Secure Linux | =1.1 | |
| Red Hat Linux | =6.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2000-1009?
CVE-2000-1009 has a moderate severity rating due to its potential to allow local users to escalate privileges.
How do I fix CVE-2000-1009?
To fix CVE-2000-1009, you should ensure that the RSH environmental variable is not trusted by implementing stricter security policies.
Who is affected by CVE-2000-1009?
CVE-2000-1009 affects users of Red Hat Linux 6.2 and Trustix Secure Linux 1.1.
What kind of vulnerability is CVE-2000-1009?
CVE-2000-1009 is a local privilege escalation vulnerability due to improper handling of environmental variables.
Can CVE-2000-1009 be exploited remotely?
CVE-2000-1009 cannot be exploited remotely as it requires local access to the affected systems.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/remedy
- agent/references
- agent/weakness
- agent/author
- agent/severity
- agent/event
- agent/description
- agent/first-publish-date
- agent/source
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- agent/softwarecombine
- vendor/trustix
- canonical/trustix secure linux
- version/trustix secure linux/1.1
- vendor/redhat
- canonical/red hat linux
- version/red hat linux/6.2