CVE Catalog

CVE-2000-0293

Low
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.69%

48th percentile — higher than 48% of all known CVEs

Summary

In SuSE Linux 6.3 and earlier versions, the aaa_base component allows local users to delete arbitrary files by creating files with names that include spaces. These files are incorrectly interpreted by aaa_base when it deletes expired files from the /tmp directory.

Risk Assessment

This vulnerability allows local users to delete critical system files, potentially leading to system instability or data loss.

Recommendation

It is recommended to update the system to a newer version that does not contain this vulnerability and to monitor access to the /tmp directory.

Original NVD description (English source)

aaa_base in SuSE Linux 6.3, and cron.daily in earlier versions, allow local users to delete arbitrary files by creating files whose names include spaces, which are then incorrectly interpreted by aaa_base when it deletes expired files from the /tmp directory.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS