CVE-2000-0666 | Vulnerability Database | Aqua Security

rpc.statd in the nfs-utils package in various Linux distributions does not properly cleanse untrusted format strings, which allows remote attackers to gain root privileges.

Affected Software

Name	Vendor	Start Version	End Version
Linux	Conectiva	4.0 (including)	4.0 (including)
Linux	Conectiva	4.0es (including)	4.0es (including)
Linux	Conectiva	4.1 (including)	4.1 (including)
Linux	Conectiva	4.2 (including)	4.2 (including)
Linux	Conectiva	5.0 (including)	5.0 (including)
Linux	Conectiva	5.1 (including)	5.1 (including)

References

http://archives.neohapsis.com/archives/bugtraq/2000-07/0206.html
http://archives.neohapsis.com/archives/bugtraq/2000-07/0230.html
http://archives.neohapsis.com/archives/bugtraq/2000-07/0236.html
http://archives.neohapsis.com/archives/bugtraq/2000-07/0260.html
http://www.calderasystems.com/support/security/advisories/CSSA-2000-025.0.txt
http://www.cert.org/advisories/CA-2000-17.html
http://www.redhat.com/support/errata/RHSA-2000-043.html
http://www.securityfocus.com/bid/1480
https://exchange.xforce.ibmcloud.com/vulnerabilities/4939
http://archives.neohapsis.com/archives/bugtraq/2000-07/0206.html
http://archives.neohapsis.com/archives/bugtraq/2000-07/0230.html
http://archives.neohapsis.com/archives/bugtraq/2000-07/0236.html
http://archives.neohapsis.com/archives/bugtraq/2000-07/0260.html
http://www.calderasystems.com/support/security/advisories/CSSA-2000-025.0.txt
http://www.cert.org/advisories/CA-2000-17.html
http://www.redhat.com/support/errata/RHSA-2000-043.html
http://www.securityfocus.com/bid/1480
https://exchange.xforce.ibmcloud.com/vulnerabilities/4939

NVD	https://nvd.nist.gov/vuln/detail/CVE-2000-0666
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html