CVE-2000-0293

SuSE Linux <6.3 - Local File Deletion

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2000-0293. PoCs published by Peter_M.

AI-analyzed exploit summary This exploit leverages a vulnerability in SuSE Linux 6.3 and prior where setting MAX_DAYS_IN_TMP in /etc/rc.config allows local users to delete arbitrary files in the root directory. The PoC creates a directory with a space in its name to bypass the intended cleanup mechanism.

Description

aaa_base in SuSE Linux 6.3, and cron.daily in earlier versions, allow local users to delete arbitrary files by creating files whose names include spaces, which are then incorrectly interpreted by aaa_base when it deletes expired files from the /tmp directory.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Peter_M · textlocallinux
https://www.exploit-db.com/exploits/19867

This exploit leverages a vulnerability in SuSE Linux 6.3 and prior where setting MAX_DAYS_IN_TMP in /etc/rc.config allows local users to delete arbitrary files in the root directory. The PoC creates a directory with a space in its name to bypass the intended cleanup mechanism.

Classification
Working Poc 90%
Attack Type
Other
Complexity
Trivial
Reliability
Reliable
Target: SuSE Linux 6.3 and prior
Auth required
Prerequisites: Local access to the system · MAX_DAYS_IN_TMP set to a value greater than 0 in /etc/rc.config
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/1130

Scores

EPSS 0.0069
EPSS Percentile 48.5%

Details

Status published
Products (5)
suse/suse_linux 6.0
suse/suse_linux 6.1 (2 CPE variants)
suse/suse_linux 6.2
suse/suse_linux 6.3 (3 CPE variants)
suse/suse_linux 6.4
Published May 02, 2000
Tracked Since Feb 18, 2026