Lucene search

[email protected]CVE-1999-0864

HistoryJun 02, 2000 - 4:00 a.m.

CVE-1999-0864

2000-06-0204:00:00

[email protected]

web.nvd.nist.gov

cve-1999-0864

unixware

local user

symlink attack

core dump

file modification

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

6.6 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

0.4%

JSON

UnixWare programs that dump core allow a local user to modify files via a symlink attack on the ./core.pid file.

Affected configurations

NVD

Node

scounixwareMatch7.0

scounixwareMatch7.0.1

scounixwareMatch7.1

scounixwareMatch7.1.1

CPENameOperatorVersion
sco:unixwaresco unixwareeq7.0
sco:unixwaresco unixwareeq7.0.1
sco:unixwaresco unixwareeq7.1
sco:unixwaresco unixwareeq7.1.1

CPE	Name	Operator	Version
sco:unixware	sco unixware	eq	7.0
sco:unixware	sco unixware	eq	7.0.1
sco:unixware	sco unixware	eq	7.1
sco:unixware	sco unixware	eq	7.1.1

References

marc.info/?l=bugtraq&m=94530783815434&w=2

marc.info/?l=bugtraq&m=94581379905584&w=2

marc.info/?l=bugtraq&m=94606167110764&w=2

www.securityfocus.com/bid/851

www.securityfocus.com/templates/archive.pike?list=1&msg=19991203020720.13115.qmail%40nwcst289.netaddress.usa.net

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

6.6 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

0.4%

JSON

Related for CVE-1999-0864

nvd1 cvelist1