Vulnerability Name:
CVE-1999-0073 (CCN-67)
Assigned:
1995-10-13
Published:
1995-10-13
Updated:
2022-08-17
Summary:
Telnet allows a remote client to specify environment variables including LD_LIBRARY_PATH, allowing an attacker to bypass the normal system libraries and gain root access.
CVSS v3 Severity:
10.0 Critical
(CCN CVSS v3.1 Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
)
Exploitability Metrics:
Attack Vector (AV):
Network
Attack Complexity (AC):
Low
Privileges Required (PR):
None
User Interaction (UI):
None
Scope:
Scope (S):
Changed
Impact Metrics:
Confidentiality (C):
High
Integrity (I):
High
Availibility (A):
High
CVSS v2 Severity:
10.0 High
(CVSS v2 Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C
)
Exploitability Metrics:
Access Vector (AV):
Network
Access Complexity (AC):
Low
Authentication (Au):
None
Impact Metrics:
Confidentiality (C):
Complete
Integrity (I):
Complete
Availibility (A):
Complete
10.0 High
(CCN CVSS v2 Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C
)
Exploitability Metrics:
Access Vector (AV):
Network
Access Complexity (AC):
Low
Athentication (Au):
None
Impact Metrics:
Confidentiality (C):
Complete
Integrity (I):
Complete
Availibility (A):
Complete
Vulnerability Type:
CWE-Other
Vulnerability Consequences:
Gain Access
References:
Source: CCN
Type: SGI Security Advisory 19951101-01-P1010o1020
Telnetd vulnerability reported by MIT
Source: MITRE
Type: CNA
CVE-1999-0073
Source: CCN
Type: CERT Advisory CA-1995-14
Telnetd Environment Vulnerability
Source: CCN
Type: OSVDB ID: 1008
Multiple Vendor telnetd LD_LIBRARY_PATH Environment Variable Privilege Escalation
Source: CCN
Type: BID-459
Multiple Vendor telnetd Vulnerability
Source: XF
Type: UNKNOWN
linkerbug(67)
Source: MISC
Type: UNKNOWN
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0073
Vulnerable Configuration:
Configuration 1
:
cpe:/o:sgi:irix:6.0.1:*:xfs:*:*:*:*:*
OR
cpe:/o:sgi:irix:5.3:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.0.1:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.1:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:5.0.1:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:5.1.1:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:5.0:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:5.1:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:5.2:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.0:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.3:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:5.3:*:xfs:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.2:*:*:*:*:*:*:*
Configuration 2
:
cpe:/o:digital:osf_1:1.3:*:*:*:*:*:*:*
OR
cpe:/o:digital:unix:4.0:*:*:*:*:*:*:*
OR
cpe:/o:digital:osf_1:3.0:*:*:*:*:*:*:*
OR
cpe:/o:digital:osf_1:3.2:*:*:*:*:*:*:*
OR
cpe:/o:digital:osf_1:2.0:*:*:*:*:*:*:*
OR
cpe:/o:digital:unix:3.2g:*:*:*:*:*:*:*
OR
cpe:/o:digital:osf_1:1.2:*:*:*:*:*:*:*
Configuration CCN 1
:
cpe:/o:nec:ews-ux_v:*:*:*:*:*:*:*:*
OR
cpe:/o:nec:up-ux_v:*:*:*:*:*:*:*:*
OR
cpe:/o:nec:asl_ux_4800:*:*:*:*:*:*:*:*
AND
cpe:/o:ibm:aix:*:*:*:*:*:*:*:*
OR
cpe:/o:windriver:bsdos:*:*:*:*:*:*:*:*
OR
cpe:/o:hp:hp-ux:*:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:*:*:*:*:*:*:*:*
OR
cpe:/o:linux:linux_kernel:*:*:*:*:*:*:*:*
OR
cpe:/o:sun:solaris:*:*:*:*:*:*:*:*
OR
cpe:/a:data_general:dg_ux:*:*:*:*:*:*:*:*
OR
cpe:/o:sco:unix:*:*:*:*:*:*:*:*
OR
cpe:/o:compaq:tru64:*:*:*:*:*:*:*:*
Denotes that component is vulnerable
BACK
sgi
irix 6.0.1
sgi
irix 5.3
sgi
irix 6.0.1
sgi
irix 6.1
sgi
irix 5.0.1
sgi
irix 5.1.1
sgi
irix 5.0
sgi
irix 5.1
sgi
irix 5.2
sgi
irix 6.0
sgi
irix 6.3
sgi
irix 5.3
sgi
irix 6.2
digital
osf 1 1.3
digital
unix 4.0
digital
osf 1 3.0
digital
osf 1 3.2
digital
osf 1 2.0
digital
unix 3.2g
digital
osf 1 1.2
nec
ews-ux v *
nec
up-ux v *
nec
asl ux 4800 *
ibm
aix *
windriver
bsdos *
hp
hp-ux *
sgi
irix *
linux
linux kernel *
sun
solaris *
data_general
dg ux *
sco
unix *
compaq
tru64 *
Denotes that component is vulnerable