CVE-2000-0338

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Apr 23, 2000

Updated: Nov 20, 2024

CWE ID 667

Summary

CVE-2000-0338 is a vulnerability affecting Concurrent Versions Software (CVS). The issue arises due to CVS utilizing predictable temporary file names for locking mechanisms. Malicious local users can exploit this by creating the lock directory prior to it being created for legitimate users, leading to a denial of service. This vulnerability underscores the importance of secure file locking and naming conventions in software development.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/NWlYpm
https://www.cve.org/CVERecord?id=CVE-2000-0338
https://nvd.nist.gov/vuln/detail/CVE-2000-0338

Back to Vulnerability Database

CVE-2000-0338

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations