Lucene search

[email protected]CVE-1999-1318

HistorySep 17, 1993 - 4:00 a.m.

CVE-1999-1318

1993-09-1704:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

sunos 4.1.3

/usr/5bin/su

privilege escalation

local user

trojan horses.

7.3 High

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0005 Low

EPSS

Percentile

16.0%

JSON

/usr/5bin/su in SunOS 4.1.3 and earlier uses a search path that includes the current working directory (.), which allows local users to gain privileges via Trojan horse programs.

CPENameOperatorVersion
sun:sunossun sunosle4.1.3
sun:sunossun sunoseq4.1.1
sun:sunossun sunoseq4.1.2
sun:sunossun sunoseq4.1.3c

CPE	Name	Operator	Version
sun:sunos	sun sunos	le	4.1.3
sun:sunos	sun sunos	eq	4.1.1
sun:sunos	sun sunos	eq	4.1.2
sun:sunos	sun sunos	eq	4.1.3c

References

sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fpatches%2F100630&zone_32=112193%2A%20

www.iss.net/security_center/static/7480.php

7.3 High

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0005 Low

EPSS

Percentile

16.0%

JSON