CVE-2000-1207

Published: Sep 30, 2000Modified: Apr 16, 2026

7.2

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 3.9 / Impact: 10.0

Source: NVD

Description

userhelper in the usermode package on Red Hat Linux executes non-setuid programs as root, which does not activate the security measures in glibc and allows the programs to be exploited via format string vulnerabilities in glibc via the LANG or LC_ALL environment variables (CVE-2000-0844).

Affected (1)

Products: Redhat: Linux

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Redhat Linux	All versions

References (8)

http://marc.info/?l=bugtraq&m=97034397026473&w=2

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=97063854808796&w=2

Source: cve@mitre.org

http://www.linux-mandrake.com/en/security/2000/MDKSA-2000-059.php3

Source: cve@mitre.org

Vendor Advisory

http://www.redhat.com/support/errata/RHSA-2000-075.html

Source: cve@mitre.org

PatchVendor Advisory

http://marc.info/?l=bugtraq&m=97034397026473&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

http://marc.info/?l=bugtraq&m=97063854808796&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.linux-mandrake.com/en/security/2000/MDKSA-2000-059.php3

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.redhat.com/support/errata/RHSA-2000-075.html

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

Timeline

No history available yet.