CVE-1999-1468

rdist in various UNIX systems uses popen to execute sendmail, which allows local users to gain root privileges by modifying the IFS (Internal Field Separator) variable.

CVSS v2.0 6.2 MEDIUM

6.2^/10

CVSS v2.0 : MEDIUM

Vector : AV:L/AC:H/Au:N/C:C/I:C/A:C

Exploitability : 1.9 / Impact : 10.0

Access Vector LOCAL

Access Complexity HIGH

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://www.cert.org/advisories/CA-91.20.rdist.vulnerability	Patch Third Party Advisory US Government Resource
http://www.securityfocus.com/bid/31	Patch Vendor Advisory
http://www.alw.nih.gov/Security/8lgm/8lgm-Advisory-01.html
http://www.iss.net/security_center/static/7160.php
http://www.osvdb.org/8106

Advertisement

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:next:next:2.0:::::::*
	cpe:2.3:o:sgi:irix:3.3.3:::::::*
	cpe:2.3:a:next:next:2.1:::::::*
	cpe:2.3:o:sgi:irix:3.3:::::::*
	cpe:2.3:o:sgi:irix:3.3.1:::::::*
	cpe:2.3:o:sgi:irix:3.3.2:::::::*
	cpe:2.3:o:sgi:irix:4.0:::::::*

Configuration 2 (hide)

OR	cpe:2.3:o:cray:unicos:6.0e:::::::*
	cpe:2.3:o:sun:sunos:4.1.1:::::::*
	cpe:2.3:o:cray:unicos:6.1:::::::*
	cpe:2.3:o:sun:sunos:4.0.3:::::::*
	cpe:2.3:o:sun:sunos:4.0.3c:::::::*
	cpe:2.3:o:sun:sunos:4.1:::::::*
	cpe:2.3:o:cray:unicos:6.0:::::::*
	cpe:2.3:o:sun:sunos:4.1psr_a:::::::*

Information

Published : 1991-10-21 21:00

Updated : 2008-09-10 12:01

NVD link : CVE-1999-1468

Mitre link : CVE-1999-1468

JSON object : View

CWE

NVD-CWE-Other

Advertisement

Products Affected

cray

unicos

sgi

irix

sun

sunos

next

next

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.cert.org/advisories/CA-91.20.rdist.vulnerability", "name": "CA-91.20", "tags": ["Patch", "Third Party Advisory", "US Government Resource"], "refsource": "CERT"}, {"url": "http://www.securityfocus.com/bid/31", "name": "31", "tags": ["Patch", "Vendor Advisory"], "refsource": "BID"}, {"url": "http://www.alw.nih.gov/Security/8lgm/8lgm-Advisory-01.html", "name": "http://www.alw.nih.gov/Security/8lgm/8lgm-Advisory-01.html", "tags": [], "refsource": "MISC"}, {"url": "http://www.iss.net/security_center/static/7160.php", "name": "rdist-popen-gain-privileges(7160)", "tags": [], "refsource": "XF"}, {"url": "http://www.osvdb.org/8106", "name": "8106", "tags": [], "refsource": "OSVDB"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "rdist in various UNIX systems uses popen to execute sendmail, which allows local users to gain root privileges by modifying the IFS (Internal Field Separator) variable."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-1999-1468", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 6.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "HIGH", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "severity": "MEDIUM", "impactScore": 10.0, "obtainAllPrivilege": true, "exploitabilityScore": 1.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "1991-10-22T04:00Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:next:next:2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sgi:irix:3.3.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:next:next:2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sgi:irix:3.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sgi:irix:3.3.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sgi:irix:3.3.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sgi:irix:4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:cray:unicos:6.0e:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sun:sunos:4.1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cray:unicos:6.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sun:sunos:4.0.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sun:sunos:4.0.3c:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sun:sunos:4.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cray:unicos:6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:sun:sunos:4.1psr_a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2008-09-10T19:01Z"}