Vulnerability Name:

CVE-2000-0750 (CCN-5067)

Assigned:2000-08-07
Published:2000-08-07
Updated:2008-09-10
Summary:Buffer overflow in mopd (Maintenance Operations Protocol loader daemon) allows remote attackers to execute arbitrary commands via a long file name.
CVSS v3 Severity:7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): Low
CVSS v2 Severity:7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Type:CWE-Other
Vulnerability Consequences:Gain Access
References:Source: CCN
Type: FreeBSD Security Advisory FreeBSD-SA-00:40
mopd port allows remote root compromise

Source: CCN
Type: OpenBSD Security Advisory, July 5, 2000
018: SECURITY FIX: July 5, 2000

Source: BUGTRAQ
Type: Vendor Advisory
20000808 OpenBSD 2.7 / NetBSD 1.4.2 mopd buffer overflow

Source: CCN
Type: BugTraq Mailing List, Mon Aug 07 2000 - 13:01:11 CDT
OpenBSD 2.7 / NetBSD 1.4.2 mopd buffer overflow

Source: FREEBSD
Type: Patch, Vendor Advisory
FreeBSD-SA-00:40

Source: MITRE
Type: CNA
CVE-2000-0750

Source: CCN
Type: NetBSD Project Web site
CVS log for basesrc/usr.sbin/mopd/mopd/process.c

Source: MISC
Type: UNKNOWN
http://cvsweb.netbsd.org/bsdweb.cgi/basesrc/usr.sbin/mopd/mopd/process.c.diff?r1=1.7&r2=1.8&f=h

Source: CCN
Type: RHSA-2000:050-01
mopd-linux buffer overflow

Source: OPENBSD
Type: UNKNOWN
20000705 Mopd contained a buffer overflow.

Source: CCN
Type: OSVDB ID: 1498
Multiple Vendor mopd File Name Remote Overflow

Source: REDHAT
Type: UNKNOWN
RHSA-2000:050

Source: BID
Type: Patch, Vendor Advisory
1558

Source: CCN
Type: BID-1558
Multiple Vendor mopd Buffer Overflow Vulnerability

Source: XF
Type: UNKNOWN
mopd-bo(5067)

Vulnerable Configuration:Configuration 1:
  • cpe:/o:netbsd:netbsd:1.4.1:*:*:*:*:*:*:*
  • OR cpe:/o:netbsd:netbsd:1.4.2:*:*:*:*:*:*:*
  • OR cpe:/o:openbsd:openbsd:2.4:*:*:*:*:*:*:*
  • OR cpe:/o:openbsd:openbsd:2.5:*:*:*:*:*:*:*
  • OR cpe:/o:openbsd:openbsd:2.6:*:*:*:*:*:*:*
  • OR cpe:/o:openbsd:openbsd:2.7:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:6.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:6.1:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:6.2:*:*:*:*:*:*:*

  • Configuration CCN 1:
  • cpe:/o:netbsd:netbsd:*:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:*:*:*:*:*:*:*:*
  • OR cpe:/o:openbsd:openbsd:*:*:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:3.5:*:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:4.1:*:*:*:*:*:*:*

  • * Denotes that component is vulnerable
    BACK
    netbsd netbsd 1.4.1
    netbsd netbsd 1.4.2
    openbsd openbsd 2.4
    openbsd openbsd 2.5
    openbsd openbsd 2.6
    openbsd openbsd 2.7
    redhat linux 6.0
    redhat linux 6.1
    redhat linux 6.2
    netbsd netbsd *
    redhat linux *
    openbsd openbsd *
    freebsd freebsd 3.5
    freebsd freebsd 4.1