| Vulnerability Name: | CVE-2000-0798 (CCN-2110) | ||||||||
| Assigned: | 1997-01-09 | ||||||||
| Published: | 1997-01-09 | ||||||||
| Updated: | 2008-09-05 | ||||||||
| Summary: | The truncate function in IRIX 6.x does not properly check for privileges when the file is in the xfs file system, which allows local users to delete the contents of arbitrary files. | ||||||||
| CVSS v3 Severity: | 10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
| ||||||||
| CVSS v2 Severity: | 10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | File Manipulation | ||||||||
| References: | Source: CCN Type: SGI Security Advisory 19970102-01-PX XFS Filesystem Security Source: MITRE Type: CNA CVE-2000-0798 Source: OSVDB Type: UNKNOWN 8569 Source: CCN Type: OSVDB ID: 8569 IRIX XFS File System Truncate Function Arbitrary File Content Deletion Source: BID Type: Vendor Advisory 1540 Source: CCN Type: BID-1540 IRIX xfs truncate() Privilege Check Vulnerability Source: BUGTRAQ Type: UNKNOWN 20000802 [LSD] some unpublished LSD exploit codes Source: XF Type: UNKNOWN sgi-xfs(2110) | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| BACK | |||||||||