Vulnerability Name: | CVE-1999-0062 (CCN-1220) | ||||||||
Assigned: | 1998-08-03 | ||||||||
Published: | 1998-08-03 | ||||||||
Updated: | 2008-09-09 | ||||||||
Summary: | The chpass command in OpenBSD allows a local user to gain root access through file descriptor leakage. | ||||||||
CVSS v3 Severity: | 9.3 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
| ||||||||
CVSS v2 Severity: | 7.2 High (CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)
| ||||||||
Vulnerability Type: | CWE-Other | ||||||||
Vulnerability Consequences: | Gain Privileges | ||||||||
References: | Source: CCN Type: The OpenBSD Project FTP Server chpass.c patch source code Source: MITRE Type: CNA CVE-1999-0062 Source: CCN Type: Network Associates, Inc. COVERT Labs Security Advisory #28, August 3, 1998 Vulnerability in OpenBSD 2.3 chpass(1) Source: CCN Type: OpenBSD Web site OpenBSD Source: OSVDB Type: UNKNOWN 7559 Source: CCN Type: OSVDB ID: 7559 OpenBSD chpass File Descriptor Leak Privilege Escalation Source: XF Type: UNKNOWN openbsd-chpass(1220) | ||||||||
Vulnerable Configuration: | Configuration 1: Configuration CCN 1: Denotes that component is vulnerable | ||||||||
BACK |