CVE-2000-0698

Minicom <1.82.1 - Local Privilege Escalation

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2000-0698. PoCs published by Michal Zalewski.

AI-analyzed exploit summary The exploit demonstrates a vulnerability in Minicom where specifying a capture-file on the command line allows creating files with effective gid uucp, potentially leading to privilege escalation on systems using uucp services. The example shows how a file can be created with uucp group ownership, which could be exploited to overwrite critical files.

Description

Minicom 1.82.1 and earlier on some Linux systems allows local users to create arbitrary files owned by the uucp user via a symlink attack.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Michal Zalewski · textlocallinux
https://www.exploit-db.com/exploits/20160

The exploit demonstrates a vulnerability in Minicom where specifying a capture-file on the command line allows creating files with effective gid uucp, potentially leading to privilege escalation on systems using uucp services. The example shows how a file can be created with uucp group ownership, which could be exploited to overwrite critical files.

Classification
Writeup 90%
Attack Type
Lpe
Complexity
Trivial
Reliability
Reliable
Target: Minicom V1.83.0
No auth needed
Prerequisites: Minicom installed with setgid uucp · Access to a system running uucp services
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Vendor Advisory mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/77361
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/5151
Exploit, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/1599

Scores

EPSS 0.0439
EPSS Percentile 90.0%

Details

Status published
Products (4)
minicom/minicom 1.82.0
minicom/minicom 1.82.1
minicom/minicom 1.83.0
minicom/minicom 1.83.1
Published Oct 20, 2000
Tracked Since Feb 18, 2026