CVE
- Id
- 2532
- CVE No.
- CVE-2000-0963
- Status
- Candidate
- Description
- Buffer overflow in ncurses library allows local users to execute arbitrary commands via long environmental information such as TERM or TERMINFO_DIRS.
- Phase
- Modified (20080819)
- Votes
- ACCEPT(2) Cole, Mell | MODIFY(1) Frech | REVIEWING(1) Christey
- Comments
- Christey> Various vendor writeups indicate that there are multiple | overflows, so maybe this needs to be SPLIT. | | ADDREF FREEBSD:FreeBSD-SA-00:68 | ADDREF DEBIAN:20001121 ncurses: local privilege escalation | http://www.debian.org/security/2000/20001121 | ADDREF REDHAT:RHSA-2000:115 | http://www.redhat.com/support/errata/RHSA-2000-115.html | BUGTRAQ:20001201 Immunix OS Security update for ncurses | http://marc.theaimsgroup.com/?l=bugtraq&m=97570745306444&w=2 | Frech> XF:libmytinfo-bo(4422) | CHANGE> [Christey changed vote from NOOP to REVIEWING] | Christey> This is all a library issue in which TERM/TERMINFO_DIRS are | one possible attack vector, but another is through entries | in the .terminfo file. Add .terminfo and termcap to the | description, as well as libncurses. | | ADDREF MANDRAKE:MDKSA-2001:052 | URL:http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-052.php3 | | Now need to examine whether this is a dupe of CVE-2002-0062, | and/or BID:2116. There"s certainly enough confusion to go | around. | CHANGE> [Christey changed vote from REVIEWING to NOOP] | Christey> This is not a dupe of CVE-2002-0062. As explained in | DEBIAN:DSA-113, the original patches for CVE-2000-0963 | didn"t catch every problem. | | ADDREF SUSE:SuSE-SA:2000:043 | URL:http://marc.theaimsgroup.com/?l=bugtraq&m=97267560724404&w=2 | CHANGE> [Christey changed vote from NOOP to REVIEWING]
