Vulnerability CVE-2000-1134: Information

Description

Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing << redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via a symlink attack.

Severity: HIGH (7.2)

URL: https://nvd.nist.gov/vuln/detail/CVE-2000-1134

Published: Jan. 9, 2001

Modified: Oct. 19, 2017

Fixed packages

Package name	Branch	Fixed in version	Version from repository	Errata ID	Task #	State
kernel-image-std-debug	sisyphus	4.14.85-alt1	6.1.92-alt1	ALT-PU-2018-2754-1	217182	Fixed
kernel-image-std-debug	c9f2	4.14.85-alt1	4.19.102-alt1	ALT-PU-2018-2754-1	217182	Fixed
kernel-image-std-debug	p11	4.14.85-alt1	6.1.91-alt1	ALT-PU-2018-2754-1	217182	Fixed
kernel-image-std-def	sisyphus	4.14.85-alt1	6.1.92-alt1	ALT-PU-2018-2755-1	217183	Fixed
kernel-image-std-def	p10	4.14.85-alt1	5.10.218-alt1	ALT-PU-2018-2755-1	217183	Fixed
kernel-image-std-def	p9	4.14.85-alt1	5.4.277-alt1	ALT-PU-2018-2755-1	217183	Fixed
kernel-image-std-def	p8	4.9.143-alt0.M80P.1	4.9.337-alt0.M80P.1	ALT-PU-2018-2807-1	217409	Fixed
kernel-image-std-def	c9f2	4.14.85-alt1	5.10.214-alt0.c9f.2	ALT-PU-2018-2755-1	217183	Fixed
kernel-image-std-def	c7	4.4.183-alt0.M70C.1	4.4.277-alt0.M70C.1	ALT-PU-2019-2175-1	233233	Fixed
kernel-image-std-def	p11	4.14.85-alt1	6.1.91-alt1	ALT-PU-2018-2755-1	217183	Fixed
kernel-image-std-pae	c9f2	4.14.86-alt1	4.19.72-alt1	ALT-PU-2018-2814-1	217123	Fixed
kernel-image-un-def	p8	4.14.87-alt0.M80P.1	4.19.310-alt0.M80P.1	ALT-PU-2018-2832-1	217631	Fixed
kernel-image-un-def	c7	4.9.277-alt0.M70C.1	4.9.277-alt0.M70C.1	ALT-PU-2021-3032-1	281292	Fixed

References to Advisories, Solutions, and Tools

Hyperlink	Resource
2006	Exploit Patch Vendor Advisory
FreeBSD-SA-00:76	Patch Vendor Advisory
20001128 /bin/sh creates insecure tmp files
20001111a
MDKSA-2000-069
CSSA-2000-043.0
CSSA-2000-042.0
RHSA-2000:117
RHSA-2000:121
MDKSA-2000:075
1926
SSRT1-41U
20011103-02-P
VU#10277	US Government Resource
20001028 tcsh: unsafe tempfile in << redirects
CLSA-2000:354
CLA-2000:350
20001130 [ADV/EXP]: RH6.x root from bash /tmp vuln + MORE
oval:org.mitre.oval:def:4047

Affected configurations:
1. Configuration 1
  cpe:2.3:o:conectiva:linux:4.2:*:*:*:*:*:*:*
  cpe:2.3:o:conectiva:linux:4.1:*:*:*:*:*:*:*
  cpe:2.3:o:conectiva:linux:5.1:*:*:*:*:*:*:*
  cpe:2.3:a:immunix:immunix:6.2:*:*:*:*:*:*:*
  cpe:2.3:o:conectiva:linux:4.0es:*:*:*:*:*:*:*
  cpe:2.3:o:conectiva:linux:5.0:*:*:*:*:*:*:*
  cpe:2.3:o:conectiva:linux:4.0:*:*:*:*:*:*:*
  
  Configuration 2
  cpe:2.3:o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*
  cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*
  cpe:2.3:o:mandrakesoft:mandrake_linux:7.0:*:*:*:*:*:*:*
  cpe:2.3:o:redhat:linux:6.1:*:*:*:*:*:*:*
  cpe:2.3:o:redhat:linux:6.2:*:*:*:*:*:*:*
  cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*
  cpe:2.3:o:caldera:openlinux:*:*:*:*:*:*:*:*
  cpe:2.3:o:redhat:linux:5.2:*:*:*:*:*:*:*
  cpe:2.3:o:mandrakesoft:mandrake_linux:6.0:*:*:*:*:*:*:*
  cpe:2.3:o:caldera:openlinux_eserver:2.3:*:*:*:*:*:*:*
  cpe:2.3:o:redhat:linux:6.2e:*:*:*:*:*:*:*
  cpe:2.3:o:suse:suse_linux:7.0:*:*:*:*:*:*:*
  cpe:2.3:o:caldera:openlinux_edesktop:2.4:*:*:*:*:*:*:*
  cpe:2.3:o:redhat:linux:6.0:*:*:*:*:*:*:*
  cpe:2.3:o:mandrakesoft:mandrake_linux:6.1:*:*:*:*:*:*:*

Version: v24.5.3

Vulnerability CVE-2000-1134: Information

Description

Fixed packages

References to Advisories, Solutions, and Tools

Configuration 1

Configuration 2