CVE-2000-0607

Debian Linux - Buffer Overflow in KON fld via Long CHARSET Settings

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2000-0607. PoCs published by E-Ligth.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in the KON (Kanji On Console) package's 'fld' binary, which is setuid root. It crafts a malicious environment variable to overflow the buffer and execute shellcode, spawning a root shell.

Description

Buffer overflow in fld program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via an input file containing long CHARSET_REGISTRY or CHARSET_ENCODING settings.

Exploits (1)

exploitdb WORKING POC VERIFIED
by E-Ligth · clocallinux
https://www.exploit-db.com/exploits/20024

This exploit targets a buffer overflow vulnerability in the KON (Kanji On Console) package's 'fld' binary, which is setuid root. It crafts a malicious environment variable to overflow the buffer and execute shellcode, spawning a root shell.

Classification
Working Poc 95%
Attack Type
Lpe
Complexity
Moderate
Reliability
Reliable
Target: KON (Kanji On Console) fld binary
No auth needed
Prerequisites: Presence of vulnerable KON package with setuid 'fld' binary · Ability to execute the exploit on the target system
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/1371

Scores

EPSS 0.0111
EPSS Percentile 61.9%

Details

Status published
Products (12)
debian/debian_linux 2.0
debian/debian_linux 2.1
debian/debian_linux 2.2
debian/debian_linux 2.3
mandrakesoft/mandrake_linux 6.1
mandrakesoft/mandrake_linux 7.0
mandrakesoft/mandrake_linux 7.1
redhat/linux 5.0
redhat/linux 5.1
redhat/linux 5.2
... and 2 more
Published Jun 21, 2000
Tracked Since Feb 18, 2026