CVE-2000-0530

KDE 1.1.2 - Local Privilege Escalation

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 3 public exploits for CVE-2000-0530. PoCs published by IhaQueR, kil3r.

AI-analyzed exploit summary This exploit leverages a vulnerability in KDE's configuration-file management (CVE-2000-0530) to perform a local privilege escalation. It manipulates symbolic links and file ownership to gain root access by modifying the /etc/passwd file and creating a setuid root shell.

Description

The KApplication class in the KDE 1.1.2 configuration file management capability allows local users to overwrite arbitrary files.

Exploits (3)

exploitdb WORKING POC VERIFIED
by IhaQueR · bashlocallinux
https://www.exploit-db.com/exploits/19981

This exploit leverages a vulnerability in KDE's configuration-file management (CVE-2000-0530) to perform a local privilege escalation. It manipulates symbolic links and file ownership to gain root access by modifying the /etc/passwd file and creating a setuid root shell.

Classification
Working Poc 95%
Attack Type
Lpe
Complexity
Moderate
Reliability
Reliable
Target: KTVision <= 0.1.1-271 (KDE)
No auth needed
Prerequisites: Local access to the system · KTVision binary must be setuid root · X server must be running
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by kil3r · perllocallinux
https://www.exploit-db.com/exploits/19980

This exploit leverages a race condition in KDE's configuration file management (CVE-2000-0530) to hijack file ownership via symlink attacks. It compiles a malicious shared library to escalate privileges and spawns a root shell by manipulating `ld.so.preload`.

Classification
Working Poc 95%
Attack Type
Lpe
Complexity
Moderate
Reliability
Racy
Target: KDE (ktuner, setuid-root programs)
No auth needed
Prerequisites: Local access · Vulnerable setuid-root KDE program (e.g., ktuner) · Write permissions in /tmp · Compiler toolchain (gcc)
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by kil3r · perllocallinux
https://www.exploit-db.com/exploits/19979

This exploit leverages a vulnerability in KDE's configuration-file management (CVE-2000-0530) to achieve local privilege escalation. It manipulates the creation of configuration files via the KApplication class, allowing an attacker to change ownership of arbitrary files and ultimately gain a root shell.

Classification
Working Poc 95%
Attack Type
Lpe
Complexity
Moderate
Reliability
Reliable
Target: KDE (ktvision, setuid root programs)
No auth needed
Prerequisites: Local access to the system · ktvision or another setuid root KDE program must be installed and vulnerable
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5
Core References
Various Sources vendor-advisory x_refsource_caldera
ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-2000-015.0.txt
Exploit, Patch, Vendor Advisory mailing-list x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2000-05/0387.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/4583
Exploit, Patch, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/1291
Vendor Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2000-032.html

Scores

EPSS 0.0118
EPSS Percentile 63.6%

Details

Status published
Products (2)
caldera/openlinux 2.4
kde/kde 1.1.2
Published May 31, 2000
Tracked Since Feb 18, 2026