CVE-2000-0361 in Linuxinfo

Summary

by MITRE

The PPP wvdial.lxdialog script in wvdial 1.4 and earlier creates a .config file with world readable permissions, which allows a local attacker in the dialout group to access login and password information.


Analysis

by VulDB Data Team • 04/19/2026

The vulnerability identified as CVE-2000-0361 represents a critical security flaw in the wvdial package version 1.4 and earlier, specifically within the PPP wvdial.lxdialog script implementation. This issue arises from improper permission handling during the creation of configuration files, creating a persistent security risk for systems utilizing dial-up networking capabilities. The vulnerability affects systems where users belong to the dialout group, which is typically required for dial-up modem access and PPP connections.

The technical root cause of this vulnerability is the script's failure to set file permissions properly when generating the .config file. The wvdial.lxdialog script, which serves as a configuration utility for the wvdial package, creates a configuration file that contains sensitive authentication credentials, including usernames and passwords. Because the script does not set restrictive permissions, the .config file is created world-readable, so any user within the dialout group can open the file and extract the stored credentials. This represents a classic privilege escalation vulnerability where local users can gain unauthorized access to information they should not be able to read.

The operational impact of this vulnerability extends beyond simple information disclosure, as it enables attackers to compromise the authentication mechanisms of dial-up connections. Attackers with membership in the dialout group can easily extract login credentials and use them to establish unauthorized connections to remote servers or networks. This vulnerability directly violates security principles of least privilege and proper access control, as the configuration file contains sensitive information that should only be accessible to the user who created it or system administrators. The vulnerability affects systems running wvdial 1.4 and earlier versions, making it particularly relevant to legacy systems that have not been updated.

From a cybersecurity perspective, this vulnerability aligns with CWE-732: Incorrect Permission Assignment for Critical Resource, which specifically addresses situations where critical system resources are created with insecure permissions. The attack pattern follows the ATT&CK framework's privilege escalation techniques, particularly T1068: Exploitation for Privilege Escalation, where local attackers leverage misconfigured permissions to access sensitive data. The vulnerability also demonstrates the importance of proper input validation and secure coding practices, as the issue could have been prevented through appropriate file permission management during configuration file creation. Organizations should implement immediate mitigations including updating to wvdial versions 1.5 and later, where the vulnerability has been addressed, and conducting security audits to ensure no other similar permission issues exist in the system configuration.

The remediation approach involves upgrading the wvdial package to version 1.5 or later, where the script properly sets restrictive permissions on the generated .config file. System administrators should also review and audit existing .config files to ensure they are not accessible to unauthorized users. Additionally, implementing proper access controls and monitoring for unauthorized file access attempts can help detect potential exploitation of this vulnerability. The vulnerability highlights the importance of maintaining up-to-date security software and conducting regular security assessments to identify and remediate similar issues in network configuration tools.
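The permission problem and the audit step described above can be shown in a short shell sketch. This is an added example, not code from wvdial or from this entry: the function names, the `Username`/`Password` file layout, and the sample credentials are constructed for illustration.

```shell
#!/bin/sh
# Added example: constructed names and values, not wvdial's own script.

# Weak pattern: the file inherits the caller's umask (022 is forced here to
# simulate a common default), so it ends up mode 0644, readable by everyone.
write_config_insecure() {
    ( umask 022; printf 'Username = %s\nPassword = %s\n' "$2" "$3" > "$1" )
}

# Hardened pattern: tighten the umask before the file exists so the
# credentials are never readable by others, then pin the mode explicitly.
write_config_secure() {
    (
        umask 077
        rm -f -- "$1"      # a pre-existing file would keep its old, looser mode
        printf 'Username = %s\nPassword = %s\n' "$2" "$3" > "$1"
        chmod 600 -- "$1"
    )
}

# Audit: list .config files under a tree that group or others can read.
audit_config_perms() {
    find "$1" -type f -name .config \( -perm -040 -o -perm -004 \) -print
}

# Remediate: strip all group/other access from every file the audit reports.
fix_config_perms() {
    audit_config_perms "$1" | while IFS= read -r f; do
        chmod go-rwx -- "$f"
    done
}

# Demo on a throwaway directory with constructed home directories.
demo_root=$(mktemp -d)
mkdir -p "$demo_root/alice" "$demo_root/bob"
write_config_insecure "$demo_root/alice/.config" alice 'constructed-pass'
write_config_secure   "$demo_root/bob/.config"   bob   'constructed-pass'
echo "Readable by group/others before fix:"
audit_config_perms "$demo_root"
fix_config_perms "$demo_root"
echo "Remaining after fix: $(audit_config_perms "$demo_root" | wc -l)"
rm -rf "$demo_root"
```

Tightening the mode of an existing file does not undo earlier exposure, so credentials found in a file the audit reports should be treated as disclosed and changed.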

Disclosure

12/14/1999

Moderation

accepted

Entry

VDB-15061

CPE

ready

EPSS

0.00338

KEV

no

Activities

very low
