CVE-2000-0172

CVSS 2.0 Score 7.2 of 10 (high)

Details

Published Mar 3, 2000

Updated: Nov 20, 2024

Summary

CVE-2000-0172 is a vulnerability affecting the mtr (My Traceroute) program. The issue arises from the program's use of a seteuid call for privilege dropping, which is less secure than using setuid or setgid. An attacker with local access can potentially exploit this weakness to elevate their privileges to root level. This vulnerability highlights the importance of using secure methods for privilege management in software applications.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Turbolinux

Affected Vendors

Turbolinux, Inc.

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/NWlMRW
https://www.cve.org/CVERecord?id=CVE-2000-0172
https://nvd.nist.gov/vuln/detail/CVE-2000-0172

Back to Vulnerability Database