Netscape » Iplanet Ical : Security Vulnerabilities, CVEs,

CVE-2000-1074

csstart program in iCal 2.1 Patch 2 uses relative pathnames to install the libsocket and libnsl libraries, which could allow the icsuser account to gain root privileges by creating a Trojan Horse library in the current or parent directory.
Max CVSS
10.0
EPSS Score
1.50%
Published
2000-12-11
Updated
2017-10-10

CVE-2000-1073

csstart program in iCal 2.1 Patch 2 searches for the cshttpd program in the current working directory, which allows local users to gain root privileges by creating a Trojan Horse cshttpd program in a directory and calling csstart from that directory.
Max CVSS
7.2
EPSS Score
0.04%
Published
2000-12-11
Updated
2017-10-10

CVE-2000-1072

iCal 2.1 Patch 2 installs many files with world-writeable permissions, which allows local users to modify the iCal configuration and execute arbitrary commands by replacing the iplncal.sh program with a Trojan horse.
Max CVSS
7.2
EPSS Score
0.04%
Published
2000-12-11
Updated
2017-10-10

CVE-2000-1071

The GUI installation for iCal 2.1 Patch 2 disables access control for the X server using an "xhost +" command, which allows remote attackers to monitor X Windows events and gain privileges.
Max CVSS
10.0
EPSS Score
0.93%
Published
2000-12-11
Updated
2017-10-10
4 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close