Back
CVE-2000-1010
Format string vulnerability in talkd in OpenBSD and possibly other BSD-based OSes allows remote attackers to execute arbitrary commands via a user name that contains format characters.
Published: Dec 11, 2000
Modified: Apr 16, 2026
CVSS Metrics
Affected Products (10)
| Vendor | Product | Version |
|---|---|---|
| openbsd | openbsd | 2.3 |
| openbsd | openbsd | 2.4 |
| openbsd | openbsd | 2.5 |
| openbsd | openbsd | 2.6 |
| openbsd | openbsd | 2.7 |
| redhat | linux | 5.0 |
| redhat | linux | 5.1 |
| redhat | linux | 5.2 |
| redhat | linux | 5.2 |
| redhat | linux | 5.2 |
GitHub Security Advisory GHSA-pjfm-8j94-x5vc
Format string vulnerability in talkd in OpenBSD and possibly other BSD-based OSes allows remote...
References (6)
- http://www.securityfocus.com/archive/1/137890 Vendor Advisory
- http://www.securityfocus.com/bid/1764 Patch, Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/5344
- http://www.securityfocus.com/archive/1/137890 Vendor Advisory
- http://www.securityfocus.com/bid/1764 Patch, Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/5344
Risk Scores
CVSS Score
10.0 / 10
EPSS Score
1.63%
Top 18% most likely to be exploited
Threat Score
40.5 / 100
Data Sources
NVD
EPSS
GitHub