VDB

GCVE-VVD-CERTCC-2000-153653

GCVE-VVD-CERTCC-2000-153653
Advisory Published
Vulnetix · Advisory published October 31, 2000
Some implementations of the Linux backup utility, dump, call external programs on remote machines via the RSH environment variable. This may permit an attacker to compromise root if dump is setuid root.
Download JSON Open in Console

Risk Scores

certcc-cam
certcc-cam
impact20population11exploitation0widely_known15score_current18.876ease_of_exploitation16

Aliases

CVE-2000-1009

Transitive aliases

GSD-2000-1009GHSA-jph8-qvmw-2p95

References

Linux dump uses environment variables insecurely, allowing for root compromise
advisory
Linux dump uses environment variables insecurely, allowing for root compromise
url
Linux dump uses environment variables insecurely, allowing for root compromise
url
Linux dump uses environment variables insecurely, allowing for root compromise
url

Browse GCVE Records

100 records in the GCVE database · Updated April 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

Open in Console Download JSON
$ Console Community · 100/wk Open console ›