Lucene search

[email protected]CVE-1999-1391

HistoryOct 03, 1990 - 4:00 a.m.

CVE-1999-1391

1990-10-0304:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-1999-1391

next 1.0a

next 1.0

vulnerability

local privilege escalation

npd program.

7.3 High

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.4%

JSON

Vulnerability in NeXT 1.0a and 1.0 with publicly accessible printers allows local users to gain privileges via a combination of the npd program and weak directory permissions.

CPENameOperatorVersion
next:nextnexteq1.0a
next:nextnexteq1.0

CPE	Name	Operator	Version
next:next	next	eq	1.0a
next:next	next	eq	1.0

References

ciac.llnl.gov/ciac/bulletins/b-01.shtml

www.cert.org/advisories/CA-1990-06.html

www.iss.net/security_center/static/7143.php

www.securityfocus.com/bid/10

7.3 High

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.4%

JSON