CVE-2000-0365 in Linux
Summary
by MITRE
Red Hat Linux 6.0 installs the /dev/pts file system with insecure modes, which allows local users to write to other tty devices.
VulDB is the best source for vulnerability data and more expert information about this specific topic.
Analysis
by VulDB Data Team • 04/19/2026
The vulnerability described in CVE-2000-0365 represents a critical privilege escalation issue within the Red Hat Linux 6.0 operating system that stems from improper file system permissions. This flaw specifically affects the /dev/pts file system which is used for pseudo-terminal devices in Unix-like systems, creating a pathway for local attackers to gain unauthorized access to terminal devices and potentially escalate their privileges. The issue manifests when the system initializes the pseudo-terminal subsystem with overly permissive access controls that do not adequately restrict user access to terminal device files.
The technical root cause of this vulnerability lies in the improper configuration of the devpts file system mount options during the Linux kernel initialization process. When Red Hat Linux 6.0 mounts the devpts file system, it does not enforce proper permission controls that would normally prevent non-privileged users from accessing or writing to terminal devices belonging to other users. This configuration flaw allows local users to exploit the insecure permissions and write to tty devices, potentially enabling them to intercept or manipulate terminal sessions. The vulnerability is classified under CWE-276 which specifically addresses improper file permissions and inadequate access control mechanisms.
The operational impact of this vulnerability extends beyond simple privilege escalation as it provides attackers with the capability to manipulate terminal sessions and potentially gain deeper system access. Local users who exploit this vulnerability can write to other users' terminal devices, which could lead to session hijacking, data interception, or the execution of malicious commands through terminal-based applications. The threat model for this vulnerability aligns with ATT&CK technique T1068 which covers local privilege escalation through improper file permissions and access controls. This weakness creates a persistent security risk that can be exploited repeatedly by any local user with access to the system, making it particularly dangerous in multi-user environments.
Mitigation strategies for this vulnerability require immediate system updates and proper configuration of the devpts file system mount options. System administrators should ensure that the devpts file system is mounted with appropriate security parameters that restrict access to terminal devices based on user permissions and session contexts. The recommended approach involves modifying the mount options to enforce stricter access controls and implementing proper user namespace isolation. Additionally, regular security audits should verify that the system maintains secure file system permissions and that no unauthorized modifications have been made to the devpts configuration. This vulnerability highlights the importance of proper security hardening during system installation and configuration phases, as the issue stems from default insecure settings rather than a complex exploitation technique. Organizations should also implement monitoring solutions to detect unauthorized access attempts to terminal devices and maintain up-to-date security patches to prevent similar issues in other system components.