Vulnerability Name:

CVE-2001-0073 (CCN-5820)

Assigned:2000-12-26
Published:2000-12-26
Updated:2008-09-05
Summary:Buffer overflow in the find_default_type function in libsecure in NSA Security-enhanced Linux, which may allow attackers to modify critical data in memory.
CVSS v3 Severity:4.0 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): Low
Availibility (A): None
CVSS v2 Severity:2.1 Low (CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:P/A:N)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
2.1 Low (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:P/A:N)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
Vulnerability Type:CWE-Other
Vulnerability Consequences:Gain Access
References:Source: CCN
Type: BugTraq Mailing List, Tue Dec 26 2000 - 12:56:30 CST
buffer overflow in libsecure (NSA Security-enhanced Linux)

Source: MITRE
Type: CNA
CVE-2001-0073

Source: CCN
Type: Slinux Web site
Security-Enhanced Linux

Source: CCN
Type: OSVDB ID: 7682
NSA Security-enhanced Linux libsecure find_default_type Function Overflow

Source: BUGTRAQ
Type: Vendor Advisory
20001226 buffer overflow in libsecure (NSA Security-enhanced Linux)

Source: BID
Type: Vendor Advisory
2154

Source: CCN
Type: BID-2154
Security-Enhanced Linux Buffer Overflow Vulnerability

Source: XF
Type: UNKNOWN
slinux-libsecure-bo(5820)

Vulnerable Configuration:Configuration 1:
  • cpe:/o:nsa:security-enhanced_linux:slinux_2000-12-18:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    nsa security-enhanced linux slinux_2000-12-18