Upstream information

CVE-2000-0800 at MITRE

Description

String parsing error in rpc.kstatd in the linuxnfs or knfsd packages in SuSE and possibly other Linux systems allows remote attackers to gain root privileges.

SUSE information

Overall state of this security issue: Does not affect SUSE products

This issue is currently rated as having critical severity.

CVSS v2 Scores
  National Vulnerability Database
Base Score 10
Vector AV:N/AC:L/Au:N/C:C/I:C/A:C
Access Vector Network
Access Complexity Low
Authentication None
Confidentiality Impact Complete
Integrity Impact Complete
Availability Impact Complete

Note from the SUSE Security Team

This issue was fixed in the SUSE nfs-utils package on or about July 21st 2000. nfs-utils 0.1.9.1 or later and products released after this date are not affected by this issue.

No SUSE Bugzilla entries cross referenced.

No SUSE Security Announcements cross referenced.