CVE-2002-1199
Published Oct 28, 2002
Last updated 6 years ago
Overview
- Description
- The getdbm procedure in ypxfrd allows local users to read arbitrary files, and remote attackers to read databases outside /var/yp, via a directory traversal and symlink attack on the domain and map arguments.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:N/A:N
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:caldera:openlinux:2.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "86288A2E-B1BD-4DA9-BCCC-35AC44EEDD52"
},
{
"criteria": "cpe:2.3:o:caldera:openlinux:2.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "23B38FCC-2C86-4E84-860B-EBAE0FA123B6"
},
{
"criteria": "cpe:2.3:o:caldera:openlinux:2.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A63714ED-A697-4AC3-AF13-3B028F9A87EF"
},
{
"criteria": "cpe:2.3:o:sco:openserver:5.0.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B8BA72B4-C4AF-41C6-92ED-30B286E00EF5"
},
{
"criteria": "cpe:2.3:o:sco:openserver:5.0.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1E140F76-D078-4F58-89CF-3278CDCB9AF3"
},
{
"criteria": "cpe:2.3:o:sco:openserver:5.0.6a:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BBC635C0-2B09-41F5-8160-365EC8642F89"
},
{
"criteria": "cpe:2.3:o:sun:solaris:9.0:*:sparc:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A711CDC2-412C-499D-9FA6-7F25B06267C6"
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "08003947-A4F1-44AC-84C6-9F8D097EB759"
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A2475113-CFE4-41C8-A86F-F2DA6548D224"
}
],
"operator": "OR"
}
]
}
]