GCVE-VVD-CERTCC-2000-153653

Advisory Published

Vulnetix · Advisory published October 31, 2000

Some implementations of the Linux backup utility, dump, call external programs on remote machines via the RSH environment variable. This may permit an attacker to compromise root if dump is setuid root.

Download JSON Open in Console

Risk Scores

certcc-cam

impact20population11exploitation0widely_known15score_current18.876ease_of_exploitation16

Aliases

CVE-2000-1009

Transitive aliases

GSD-2000-1009 GHSA-jph8-qvmw-2p95

References

Linux dump uses environment variables insecurely, allowing for root compromise

advisory

Linux dump uses environment variables insecurely, allowing for root compromise

url

Linux dump uses environment variables insecurely, allowing for root compromise

url

Linux dump uses environment variables insecurely, allowing for root compromise

url

Browse GCVE Records

100 records in the GCVE database · Updated April 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

Open in Console Download JSON