Exploitation Summary
EIP tracks 1 public exploit for CVE-2000-0286. PoCs published by Michal Zalewski.
AI-analyzed exploit summary This exploit targets a denial-of-service vulnerability in the X11 font server (xfs) on RedHat Linux 6.x. It sends malformed input to the font server via a Unix domain socket, causing it to crash due to improper input validation.
Description
X fontserver xfs allows local users to cause a denial of service via malformed input to the server.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Michal Zalewski · cdoslinux
https://www.exploit-db.com/exploits/19850
This exploit targets a denial-of-service vulnerability in the X11 font server (xfs) on RedHat Linux 6.x. It sends malformed input to the font server via a Unix domain socket, causing it to crash due to improper input validation.
Classification
Working Poc 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target:
X11 font server (xfs) on RedHat Linux 6.x
No auth needed
Prerequisites:
Access to the target system's Unix domain socket for the X11 font server
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026
Full analysis →
References (2)
Core 2
Core References
Exploit, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/1111
Third Party Advisory mailing-list
x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2000-04/0079.html
Scores
EPSS
0.0070
EPSS Percentile
48.1%
Details
Status
published
Products (3)
redhat/linux
6.0 (3 CPE variants)
redhat/linux
6.1 (3 CPE variants)
redhat/linux
6.2 (3 CPE variants)
Published
Apr 16, 2000
Tracked Since
Feb 18, 2026