Lucene search

[email protected]CVE-1999-1496

HistorySep 12, 2001 - 4:00 a.m.

CVE-1999-1496

2001-09-1204:00:00

[email protected]

web.nvd.nist.gov

cve-1999-1496

debian linux 2.1

red hat 6.0

sudo 1.5

arbitrary file detection

nvd

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

7 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Sudo 1.5 in Debian Linux 2.1 and Red Hat 6.0 allows local users to determine the existence of arbitrary files by attempting to execute the target filename as a program, which generates a different error message when the file does not exist.

Affected configurations

NVD

Node

todd_millersudoMatch1.5

Node

debiandebian_linuxMatch2.1

redhatlinuxMatch6.0

CPENameOperatorVersion
todd_miller:sudotodd miller sudoeq1.5

CPE	Name	Operator	Version
todd_miller:sudo	todd miller sudo	eq	1.5

References

www.securityfocus.com/archive/1/14665

www.securityfocus.com/bid/321

exchange.xforce.ibmcloud.com/vulnerabilities/2277

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

7 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-1999-1496

nvd1 cvelist1