CVE Vulnerabilities

CVE-2000-1012

Published: Dec 11, 2000 | Modified: Sep 05, 2008
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.2 HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

The catopen function in FreeBSD 5.0 and earlier, and possibly other OSes, allows local users to read arbitrary files via the LANG environmental variable.

Affected Software

Name Vendor Start Version End Version
Freebsd Freebsd 3.1 3.1
Freebsd Freebsd 3.5.1 3.5.1
Freebsd Freebsd 4.1 4.1
Freebsd Freebsd 3.0 3.0
Freebsd Freebsd 3.2 3.2
Freebsd Freebsd 4.2 4.2
Freebsd Freebsd 3.3 3.3
Freebsd Freebsd 4.0 4.0
Freebsd Freebsd 4.1.1 4.1.1
Freebsd Freebsd 3.4 3.4
Freebsd Freebsd 3.5 3.5
Freebsd Freebsd 5.0 5.0

References