Lucene search

[email protected]CVE-1999-1026

HistoryDec 20, 1996 - 5:00 a.m.

CVE-1999-1026

1996-12-2005:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

solaris 2.5 x86

aspppd

local users

root privileges

symlink attack

7.4 High

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

0.4%

JSON

aspppd on Solaris 2.5 x86 allows local users to modify arbitrary files and gain root privileges via a symlink attack on the /tmp/.asppp.fifo file.

CPENameOperatorVersion
sun:solarissun solariseq2.4
sun:solarissun solariseq2.5.1
sun:solarissun solariseq2.5

CPE	Name	Operator	Version
sun:solaris	sun solaris	eq	2.4
sun:solaris	sun solaris	eq	2.5.1
sun:solaris	sun solaris	eq	2.5

References

marc.info/?l=bugtraq&m=87602167420343&w=2

www.securityfocus.com/bid/292

7.4 High

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

0.4%

JSON

Related for CVE-1999-1026

cvelist1