Lucene search

[email protected]CVE-1999-0388

HistoryJan 01, 1999 - 5:00 a.m.

CVE-1999-0388

1999-01-0105:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-1999-0388

datalynx

suguard

path environment variable

local users

root commands

nvd

7.7 High

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

0.4%

JSON

DataLynx suGuard trusts the PATH environment variable to execute the ps command, allowing local users to execute commands as root.

CPENameOperatorVersion
datalynx:suguarddatalynx suguardeq1.0

CPE	Name	Operator	Version
datalynx:suguard	datalynx suguard	eq	1.0

References

www.osvdb.org/3186

7.7 High

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

0.4%

JSON