CVE-2000-0763

xlockmore/xlockf < unknown - Privilege Escalation

Title source: llm

Description

xlockmore and xlockf do not properly cleanse user-injected format strings, which allows local users to gain root privileges via the -d option.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Ben Williams · clocalunix

https://www.exploit-db.com/exploits/20154

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by noir · clocalunix

https://www.exploit-db.com/exploits/20153

View Code ZIP pw:eip

References (6)

[Patch, Vendor Advisory] http://www.debian.org/security/2000/20000816

[Patch, Vendor Advisory] http://archives.neohapsis.com/archives/freebsd/2000-08/0340.html

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/templates/archive.pike?list=1&msg=20000815231724.A14694%40subterrain.net

[Third Party Advisory] http://archives.neohapsis.com/archives/bugtraq/2000-08/0294.html

[Exploit, Patch, Vendor Advisory] http://www.securityfocus.com/bid/1585

[Third Party Advisory] http://archives.neohapsis.com/archives/bugtraq/2000-08/0212.html

Scores

EPSS 0.0061

EPSS Percentile 69.9%

Details

Status published

Products (2)

david_bagley/xlock 4.16

david_bagley/xlock 4.16.1

Published Oct 20, 2000

Tracked Since Feb 18, 2026