CVE-2000-1163 - OpenCVE

ghostscript before 5.10-16 uses an empty LD_RUN_PATH environmental variable to find libraries in the current directory, which could allow local users to execute commands as other users by placing a Trojan horse library into a directory from which another user executes ghostscript.

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:L/AC:L/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Aladdin Enterprises	Ghostscript

Configuration 1 [-]

OR	cpe:2.3:a:aladdin_enterprises:ghostscript:4.3:::::::*
	cpe:2.3:a:aladdin_enterprises:ghostscript:5.10.10:::::::*
	cpe:2.3:a:aladdin_enterprises:ghostscript:5.10.15:::::::*
	cpe:2.3:a:aladdin_enterprises:ghostscript:5.10cl:::::::*
	cpe:2.3:a:aladdin_enterprises:ghostscript:5.50:::::::*

References

Link	Resource
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000343
http://www.calderasystems.com/support/security/advisories/CSSA-2000-041.0.txt
http://www.debian.org/security/2000/20001123	Patch Vendor Advisory
http://www.linux-mandrake.com/en/security/MDKSA-2000-074.php3
http://www.securityfocus.com/bid/1991	Patch Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/5564

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2001-01-22T05:00:00

Updated: 2005-11-02T10:00:00

Reserved: 2000-12-14T00:00:00

Link: CVE-2000-1163

JSON object: View

NVD Information

Status : Modified

Published: 2001-01-09T05:00:00.000

Modified: 2017-10-10T01:29:30.907

Link: CVE-2000-1163

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-Other

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2000-11-22T00:00:00", "descriptions": [{"lang": "en", "value": "ghostscript before 5.10-16 uses an empty LD_RUN_PATH environmental variable to find libraries in the current directory, which could allow local users to execute commands as other users by placing a Trojan horse library into a directory from which another user executes ghostscript."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2005-11-02T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "CSSA-2000-041", "tags": ["vendor-advisory", "x_refsource_CALDERA"], "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-041.0.txt"}, {"name": "ghostscript-env-variable(5564)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5564"}, {"name": "MDKSA-2000:074", "tags": ["vendor-advisory", "x_refsource_MANDRAKE"], "url": "http://www.linux-mandrake.com/en/security/MDKSA-2000-074.php3"}, {"name": "1991", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/1991"}, {"name": "CLSA-2000:343", "tags": ["vendor-advisory", "x_refsource_CONECTIVA"], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000343"}, {"name": "20001123 ghostscript: symlink attack", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2000/20001123"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-1163", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "ghostscript before 5.10-16 uses an empty LD_RUN_PATH environmental variable to find libraries in the current directory, which could allow local users to execute commands as other users by placing a Trojan horse library into a directory from which another user executes ghostscript."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "CSSA-2000-041", "refsource": "CALDERA", "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-041.0.txt"}, {"name": "ghostscript-env-variable(5564)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5564"}, {"name": "MDKSA-2000:074", "refsource": "MANDRAKE", "url": "http://www.linux-mandrake.com/en/security/MDKSA-2000-074.php3"}, {"name": "1991", "refsource": "BID", "url": "http://www.securityfocus.com/bid/1991"}, {"name": "CLSA-2000:343", "refsource": "CONECTIVA", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000343"}, {"name": "20001123 ghostscript: symlink attack", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2000/20001123"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-1163", "datePublished": "2001-01-22T05:00:00", "dateReserved": "2000-12-14T00:00:00", "dateUpdated": "2005-11-02T10:00:00", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:aladdin_enterprises:ghostscript:4.3:*:*:*:*:*:*:*", "matchCriteriaId": "563638C2-75D6-4EBB-BE65-A2DBCB9B2425", "vulnerable": true}, {"criteria": "cpe:2.3:a:aladdin_enterprises:ghostscript:5.10.10:*:*:*:*:*:*:*", "matchCriteriaId": "31868FF9-396E-43F3-87CC-99653D2EEB75", "vulnerable": true}, {"criteria": "cpe:2.3:a:aladdin_enterprises:ghostscript:5.10.15:*:*:*:*:*:*:*", "matchCriteriaId": "65386D8C-7D7C-464A-839D-6B4B39F724BA", "vulnerable": true}, {"criteria": "cpe:2.3:a:aladdin_enterprises:ghostscript:5.10cl:*:*:*:*:*:*:*", "matchCriteriaId": "5FB97AFC-64CA-4B20-8BB6-DFF70225400D", "vulnerable": true}, {"criteria": "cpe:2.3:a:aladdin_enterprises:ghostscript:5.50:*:*:*:*:*:*:*", "matchCriteriaId": "718E9B80-DD01-45E5-B61C-B5BA2036262F", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "ghostscript before 5.10-16 uses an empty LD_RUN_PATH environmental variable to find libraries in the current directory, which could allow local users to execute commands as other users by placing a Trojan horse library into a directory from which another user executes ghostscript."}], "id": "CVE-2000-1163", "lastModified": "2017-10-10T01:29:30.907", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": true, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2001-01-09T05:00:00.000", "references": [{"source": "cve@mitre.org", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000343"}, {"source": "cve@mitre.org", "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-041.0.txt"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.debian.org/security/2000/20001123"}, {"source": "cve@mitre.org", "url": "http://www.linux-mandrake.com/en/security/MDKSA-2000-074.php3"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.securityfocus.com/bid/1991"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5564"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}