fkie_nvd - fkie_cve-2000-0196

fkie_cve-2000-0196

Vulnerability from fkie_nvd

Published

2000-02-28 05:00

Modified

2024-11-20 23:31

Severity ?

Summary

Buffer overflow in mhshow in the Linux nmh package allows remote attackers to execute commands via malformed MIME headers in an email message.

References

▼	URL	Tags
	cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2000-006.html
	cve@mitre.org	http://www.securityfocus.com/bid/1018
	af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2000-006.html
	af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/1018

Impacted products

Vendor	Product	Version
nmh	nmh	1.0.2
redhat	linux	5.2
redhat	linux	5.2
redhat	linux	5.2
redhat	linux	6.0
redhat	linux	6.0
redhat	linux	6.0
redhat	linux	6.1
redhat	linux	6.1
redhat	linux	6.1
turbolinux	turbolinux	3.5b2
turbolinux	turbolinux	4.2
turbolinux	turbolinux	4.4
turbolinux	turbolinux	6.0.2

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:nmh:nmh:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEE22340-554C-4E8F-970B-27264B89F0B0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:redhat:linux:5.2:*:alpha:*:*:*:*:*",
              "matchCriteriaId": "07396B95-E434-46C9-A345-27C9EA9BEA26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:5.2:*:i386:*:*:*:*:*",
              "matchCriteriaId": "363AB7DB-A8BA-4D58-97C4-1DF1F0F43E07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:5.2:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "0775CE08-C5AD-4FF7-AEA9-537B1EAE3BDE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:6.0:*:alpha:*:*:*:*:*",
              "matchCriteriaId": "6931FB54-A163-4CE3-BBD9-D345AA0977A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:6.0:*:i386:*:*:*:*:*",
              "matchCriteriaId": "89F65C9D-BD68-4A86-BFDC-E7CE76F13948",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:6.0:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "5ABD1331-277C-4C31-8186-978243C62255",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:6.1:*:alpha:*:*:*:*:*",
              "matchCriteriaId": "C89454B9-4F45-4A42-A06D-ED42D893C544",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:6.1:*:i386:*:*:*:*:*",
              "matchCriteriaId": "B72D6205-DFA4-41D9-B3B6-0B7DA756CD8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:6.1:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "1E64093E-7D53-4238-95C3-48ED5A0FFD97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux:3.5b2:*:*:*:*:*:*:*",
              "matchCriteriaId": "667CF388-298D-4B64-9BA5-89D153FFA998",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux:4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D15A193-3E01-467C-AEAD-497F4600DB06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux:4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7C765FF-0A3D-4BF4-B236-609658776ACA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux:6.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6619B49-8A89-4600-A47F-A39C8BF54259",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Buffer overflow in mhshow in the Linux nmh package allows remote attackers to execute commands via malformed MIME headers in an email message."
    }
  ],
  "id": "CVE-2000-0196",
  "lastModified": "2024-11-20T23:31:56.433",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": true,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2000-02-28T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2000-006.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/1018"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2000-006.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/1018"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

cve-2000-0196

Vulnerability from cvelistv5

Published

2000-04-10 04:00