CVE-2000-0867

HIGH

Kernel logging daemon (klogd) in Linux does not properly cleanse user-injected format strings, which allows local users to gain root privileges by triggering malformed kernel messages.

CVSS v2.0 Score

7.2

/ 10.0

HIGH

AV:L/AC:L/Au:N/C:C/I:C/A:C

Information

Published: 14 nov. 2000
Updated: 16 avr. 2026
Status: Modified
Source: cve@mitre.org

Affected products

debian debian linux

Versions : 2.1, 2.2

mandrakesoft mandrake linux

Versions : 6.0, 6.1, 7.0, 7.1

redhat linuxAll Linux Kernel CVEs →

Versions : 5.2, 6.2

slackware slackware linux

trustix secure linux

Versions : 1.1

Weaknesses (CWE)

NVD-CWE-Other

References (18)

ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2000-032.0.txt
http://archives.neohapsis.com/archives/bugtraq/2000-09/0193.html
Vendor Advisory
http://frontal2.mandriva.com/security/advisories?name=MDKSA-2000:050
http://marc.info/?l=bugtraq&m=97726239017741&w=2
http://www.novell.com/linux/security/advisories/adv9_draht_syslogd_txt.html
http://www.osvdb.org/5824
http://www.redhat.com/support/errata/RHSA-2000-061.html
http://www.turbolinux.com/pipermail/tl-security-announce/2000-September/000023.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/5259
ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2000-032.0.txt
http://archives.neohapsis.com/archives/bugtraq/2000-09/0193.html
Vendor Advisory
http://frontal2.mandriva.com/security/advisories?name=MDKSA-2000:050
http://marc.info/?l=bugtraq&m=97726239017741&w=2
http://www.novell.com/linux/security/advisories/adv9_draht_syslogd_txt.html
http://www.osvdb.org/5824
+ 3 more references on NVD

Monitor your products

Get automatic alerts for every new CVE affecting your equipment.

Enable monitoring