CVE-1999-0298

Published Feb 5, 1997

Last updated 3 months ago

CVSS info 7.5

Overview

Description: ypbind with -ypset and -ypsetme options activated in Linux Slackware and SunOS allows local and remote attackers to overwrite files via a .. (dot dot) attack.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.5
Impact score: 6.4
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:slackware:slackware_linux:2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F3698FC7-C9A6-4AA5-8569-CF96128A63AE"
          },
          {
            "criteria": "cpe:2.3:o:slackware:slackware_linux:2.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A5A8D289-2310-4583-95F0-0CB940B6CBF1"
          },
          {
            "criteria": "cpe:2.3:o:slackware:slackware_linux:2.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6325268D-C355-4DD3-A839-6C3CF5435B0C"
          },
          {
            "criteria": "cpe:2.3:o:sun:sunos:4.1.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "615FA6E4-4DE0-422A-9220-F747D95192C9"
          },
          {
            "criteria": "cpe:2.3:o:sun:sunos:4.1.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1070749A-65E9-439A-A7CC-3CE529A5D5E7"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References