Unrated severityNVD Advisory· Published Jan 9, 2001· Updated Apr 16, 2026
CVE-2000-1134
CVE-2000-1134
Description
Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing << redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via a symlink attack.
Affected products
22cpe:2.3:o:mandrakesoft:mandrake_linux:7.0:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:o:mandrakesoft:mandrake_linux:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*
- cpe:2.3:o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*
- cpe:2.3:o:mandrakesoft:mandrake_linux:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:mandrakesoft:mandrake_linux:6.1:*:*:*:*:*:*:*
cpe:2.3:o:conectiva:linux:4.0:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:o:conectiva:linux:4.0:*:*:*:*:*:*:*
- cpe:2.3:o:conectiva:linux:4.0es:*:*:*:*:*:*:*
- cpe:2.3:o:conectiva:linux:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:conectiva:linux:4.2:*:*:*:*:*:*:*
- cpe:2.3:o:conectiva:linux:5.0:*:*:*:*:*:*:*
- cpe:2.3:o:conectiva:linux:5.1:*:*:*:*:*:*:*
- cpe:2.3:o:caldera:openlinux:*:*:*:*:*:*:*:*
- cpe:2.3:o:caldera:openlinux_edesktop:2.4:*:*:*:*:*:*:*
- cpe:2.3:o:caldera:openlinux_eserver:2.3:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
19- ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:76.tcsh-csh.ascnvdPatchVendor Advisory
- www.securityfocus.com/bid/2006nvdExploitPatchVendor Advisory
- www.kb.cert.org/vuls/id/10277nvdUS Government Resource
- patches.sgi.com/support/free/security/advisories/20011103-02-Pnvd
- archives.neohapsis.com/archives/bugtraq/2000-10/0418.htmlnvd
- archives.neohapsis.com/archives/tru64/2002-q1/0009.htmlnvd
- distro.conectiva.com.br/atualizacoes/nvd
- distro.conectiva.com.br/atualizacoes/nvd
- marc.infonvd
- www.calderasystems.com/support/security/advisories/CSSA-2000-042.0.txtnvd
- www.calderasystems.com/support/security/advisories/CSSA-2000-043.0.txtnvd
- www.debian.org/security/2000/20001111anvd
- www.linux-mandrake.com/en/security/MDKSA-2000-069.php3nvd
- www.linux-mandrake.com/en/security/MDKSA-2000-075.php3nvd
- www.redhat.com/support/errata/RHSA-2000-117.htmlnvd
- www.redhat.com/support/errata/RHSA-2000-121.htmlnvd
- www.securityfocus.com/archive/1/146657nvd
- www.securityfocus.com/bid/1926nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4047nvd
News mentions
0No linked articles in our index yet.