CVE-ID

CVE-2000-0963

• Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings
Description
Buffer overflow in ncurses library allows local users to execute arbitrary commands via long environmental information such as TERM or TERMINFO_DIRS.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
Date Entry Created
20001124 Disclaimer: The entry creation date may reflect when the CVE-ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Modified (20080819)
Votes (Legacy)
ACCEPT(2) Cole, Mell
MODIFY(1) Frech
REVIEWING(1) Christey
Comments (Legacy)
 Christey> Various vendor writeups indicate that there are multiple
   overflows, so maybe this needs to be SPLIT.
   
   ADDREF FREEBSD:FreeBSD-SA-00:68
   ADDREF DEBIAN:20001121 ncurses: local privilege escalation
   http://www.debian.org/security/2000/20001121
   ADDREF REDHAT:RHSA-2000:115
   http://www.redhat.com/support/errata/RHSA-2000-115.html
   BUGTRAQ:20001201 Immunix OS Security update for ncurses
   http://marc.theaimsgroup.com/?l=bugtraq&m=97570745306444&w=2
 Frech> XF:libmytinfo-bo(4422)
 CHANGE> [Christey changed vote from NOOP to REVIEWING]
 Christey> This is all a library issue in which TERM/TERMINFO_DIRS are
   one possible attack vector, but another is through entries
   in the .terminfo file.  Add .terminfo and termcap to the
   description, as well as libncurses.
   
   ADDREF MANDRAKE:MDKSA-2001:052
   URL:http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-052.php3
   
   Now need to examine whether this is a dupe of CVE-2002-0062,
   and/or BID:2116.  There's certainly enough confusion to go
   around.
 CHANGE> [Christey changed vote from REVIEWING to NOOP]
 Christey> This is not a dupe of CVE-2002-0062.  As explained in
   DEBIAN:DSA-113, the original patches for CVE-2000-0963
   didn't catch every problem.
   
   ADDREF SUSE:SuSE-SA:2000:043
   URL:http://marc.theaimsgroup.com/?l=bugtraq&m=97267560724404&w=2
 CHANGE> [Christey changed vote from NOOP to REVIEWING]

Proposed (Legacy)
20001129
This is an entry on the CVE list, which standardizes names for security problems.