ID CVE-1999-0091
Type cve
Reporter cve@mitre.org
Modified 2008-09-09T12:33:00
Description
Buffer overflow in AIX writesrv command allows local users to obtain root access.
{"id": "CVE-1999-0091", "bulletinFamily": "NVD", "title": "CVE-1999-0091", "description": "Buffer overflow in AIX writesrv command allows local users to obtain root access.", "published": "1997-10-28T05:00:00", "modified": "2008-09-09T12:33:00", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-1999-0091", "reporter": "cve@mitre.org", "references": [], "cvelist": ["CVE-1999-0091"], "type": "cve", "lastseen": "2020-10-03T11:36:55", "edition": 3, "viewCount": 8, "enchantments": {"dependencies": {"references": [{"type": "osvdb", "idList": ["OSVDB:995"]}], "modified": "2020-10-03T11:36:55", "rev": 2}, "score": {"value": 6.6, "vector": "NONE", "modified": "2020-10-03T11:36:55", "rev": 2}, "vulnersScore": 6.6}, "cpe": ["cpe:/o:ibm:aix:4.1.5", "cpe:/o:ibm:aix:4.2", "cpe:/o:ibm:aix:4.1.1", "cpe:/o:ibm:aix:4.1", "cpe:/o:ibm:aix:4.1.2", "cpe:/o:ibm:aix:4.1.3", "cpe:/o:ibm:aix:4.1.4", "cpe:/o:ibm:aix:4.2.1"], "affectedSoftware": [{"cpeName": "ibm:aix", "name": "ibm aix", "operator": "eq", "version": "4.2.1"}, {"cpeName": "ibm:aix", "name": "ibm aix", "operator": "eq", "version": "4.2"}, {"cpeName": "ibm:aix", "name": "ibm aix", "operator": "eq", "version": "4.1.4"}, {"cpeName": "ibm:aix", "name": "ibm aix", "operator": "eq", "version": "4.1"}, {"cpeName": "ibm:aix", "name": "ibm aix", "operator": "eq", "version": "4.1.1"}, {"cpeName": "ibm:aix", "name": "ibm aix", "operator": "eq", "version": "4.1.2"}, {"cpeName": "ibm:aix", "name": "ibm aix", "operator": "eq", "version": "4.1.5"}, {"cpeName": "ibm:aix", "name": "ibm aix", "operator": "eq", "version": "4.1.3"}], "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "cpe23": ["cpe:2.3:o:ibm:aix:4.2:*:*:*:*:*:*:*", "cpe:2.3:o:ibm:aix:4.1.3:*:*:*:*:*:*:*", "cpe:2.3:o:ibm:aix:4.1.4:*:*:*:*:*:*:*", "cpe:2.3:o:ibm:aix:4.1.5:*:*:*:*:*:*:*", "cpe:2.3:o:ibm:aix:4.1.1:*:*:*:*:*:*:*", "cpe:2.3:o:ibm:aix:4.1:*:*:*:*:*:*:*", "cpe:2.3:o:ibm:aix:4.1.2:*:*:*:*:*:*:*", "cpe:2.3:o:ibm:aix:4.2.1:*:*:*:*:*:*:*"], "cwe": ["NVD-CWE-Other"], "scheme": null, "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:o:ibm:aix:4.1.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:ibm:aix:4.2:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:ibm:aix:4.2.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:ibm:aix:4.1.3:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:ibm:aix:4.1:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:ibm:aix:4.1.4:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:ibm:aix:4.1.5:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:ibm:aix:4.1.1:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}]}}
{"osvdb": [{"lastseen": "2017-04-28T13:19:55", "bulletinFamily": "software", "cvelist": ["CVE-1999-0091"], "edition": 1, "description": "# No description provided by the source\n\n## References:\n[Vendor Specific Advisory URL](http://www-1.ibm.com/services/continuity/recover1.nsf/MSS/ERS-SVA-E01-1997.005.1/$file/ERS-SVA-E01-1997_005_1.txt)\nISS X-Force ID: 2295\n[CVE-1999-0091](https://vulners.com/cve/CVE-1999-0091)\nBugtraq ID: 399\n", "modified": "1997-10-28T00:00:00", "published": "1997-10-28T00:00:00", "href": "https://vulners.com/osvdb/OSVDB:995", "id": "OSVDB:995", "title": "AIX writesrv Local Overflow", "type": "osvdb", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}