CVE Catalog

CVE-2000-0361

Low
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.34%

25th percentile — higher than 25% of all known CVEs

Summary

The PPP wvdial.lxdialog script in wvdial version 1.4 and earlier creates a .config file with world readable permissions, allowing a local attacker in the dialout group to access login and password information.

Risk Assessment

An attacker could gain access to sensitive data, potentially leading to unauthorized access to the system or services.

Recommendation

It is recommended to restrict permissions on the .config file and update wvdial to the latest version to minimize risk.

Original NVD description (English source)

The PPP wvdial.lxdialog script in wvdial 1.4 and earlier creates a .config file with world readable permissions, which allows a local attacker in the dialout group to access login and password information.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS