Vulnerability in Caldera Openlinux
CVE-2000-1134
Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing << redirects (aka here-documents or in-here documents), which allows local users to overwrite files of othe…
EPSS: 0.014 (69.3th percentile) — read the EPSS interpretation.
Affected products
- Caldera Openlinux
- Caldera Openlinux_edesktop — versions 2.4
- Caldera Openlinux_eserver — versions 2.3
- Conectiva Linux — versions 4.0, 4.0es, 4.1
- Hp Hp-ux — versions 11.11
- Immunix — versions 6.2
- Mandrakesoft Mandrake_linux — versions 6.0, 6.1, 7.0
- Redhat Linux — versions 5.2, 6.0, 6.1
- Suse Suse_linux — versions 7.0
- N/a — versions n/a
Public proof-of-concept exploits
References
- cve@mitre.org (vendor-advisory, x_refsource_DEBIAN)
- cve@mitre.org (vdb-entry, x_refsource_BID)
- cve@mitre.org (vendor-advisory, x_refsource_CONECTIVA)
- cve@mitre.org (x_refsource_OVAL, signature, vdb-entry)
- cve@mitre.org (x_refsource_COMPAQ, vendor-advisory)
- cve@mitre.org (Exploit, Patch, vdb-entry, x_refsource_BID, Vendor Advisory)
- cve@mitre.org (vendor-advisory, x_refsource_MANDRAKE)
- cve@mitre.org (x_refsource_CALDERA, vendor-advisory)
- cve@mitre.org (x_refsource_REDHAT, vendor-advisory)
- cve@mitre.org (US Government Resource, x_refsource_CERT-VN, third-party-advisory)
Frequently asked questions
- What is CVE-2000-1134?
- CVE-2000-1134 is a vulnerability in Caldera Openlinux. Published 2001-01-09.
- Is CVE-2000-1134 known to be exploited?
- 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.