CVE-2000-0963

Description

Buffer overflow in ncurses library allows local users to execute arbitrary commands via long environmental information such as TERM or TERMINFO_DIRS.

Affected products

• FreeBSD / FreeBSD4.1.1 – 4.1.1
• FreeBSD / FreeBSD4.1.1 – 4.1.1
• FreeBSD / FreeBSD3.4 – 3.4
• FreeBSD / FreeBSD3.5.1 – 3.5.1
• FreeBSD / FreeBSD4.0 – 4.0
• FreeBSD / FreeBSD4.1 – 4.1
• gnu / ncurses5.6
• immunix / immunix7.0_beta – 7.0_beta
• immunix / immunix6.2 – 6.2
• RedHat / linux6.2 – 6.2
• RedHat / linux6.2 – 6.2
• RedHat / linux6.2 – 6.2
• RedHat / linux7.0 – 7.0

References

• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/44487
• MISChttp://www.securityfocus.com/archive/1/138550
• MISChttp://www.securityfocus.com/bid/1142
• VENDOR_ADVISORYhttp://www.calderasystems.com/support/security/advisories/CSSA-2000-036.0.txt