rcp on various Linux systems including Red Hat 4.0 allows a "nobody" user or other user with UID of 65535 to overwrite arbitrary files, since 65535 is interpreted as -1 by chown and other system calls, which causes the calls to fail to modify the ownership of the file.
References
Link | Resource |
---|---|
http://marc.info/?l=bugtraq&m=87602167420509&w=2 |
Configurations
Configuration 1 (hide)
|
Information
Published : 1997-02-02 21:00
Updated : 2016-10-17 19:02
NVD link : CVE-1999-1299
Mitre link : CVE-1999-1299
JSON object : View
CWE
Products Affected
redhat
- linux
slackware
- slackware_linux