Vulnerability Name: | CVE-1999-0096 (CCN-126) |
Assigned: | 1990-01-01 |
Published: | 1990-01-01 |
Updated: | 2008-09-09 |
Summary: | Sendmail decode alias can be used to overwrite sensitive files.
|
CVSS v3 Severity: | 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)Exploitability Metrics: | Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None | Scope: | Scope (S): Unchanged
| Impact Metrics: | Confidentiality (C): None Integrity (I): Low Availibility (A): None |
|
CVSS v2 Severity: | 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)Exploitability Metrics: | Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None | Impact Metrics: | Confidentiality (C): None Integrity (I): Partial Availibility (A): None | 5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)Exploitability Metrics: | Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
| Impact Metrics: | Confidentiality (C): None Integrity (I): Partial Availibility (A): None |
|
Vulnerability Type: | CWE-Other
|
Vulnerability Consequences: | File Manipulation |
References: | Source: MITRE Type: CNA CVE-1999-0096
Source: CCN Type: Sun Microsystems, Inc. Security Bulletin #00122 New security patches for tar and sendmail
Source: SUN Type: UNKNOWN 00122
Source: CCN Type: CIAC Information Bulletin A-13 Vulnerability in DECODE alias
Source: CCN Type: CIAC Information Bulletin A-14 Additional information on the vulnerability in the UNIX DECODE alias
Source: CCN Type: OSVDB ID: 196 Sendmail decode Alias Arbitrary File Overwrite
Source: XF Type: UNKNOWN smtp-dcod(126)
|
Vulnerable Configuration: | Configuration 1: cpe:/o:bsdi:bsd_os:*:*:*:*:*:*:*:*OR cpe:/o:freebsd:freebsd:2.1.5:*:*:*:*:*:*:*OR cpe:/o:freebsd:freebsd:2.1.6:*:*:*:*:*:*:*OR cpe:/o:freebsd:freebsd:2.1.6.1:*:*:*:*:*:*:*OR cpe:/o:sco:internet_faststart:1.0:*:*:*:*:*:*:*OR cpe:/o:sco:internet_faststart:1.1:*:*:*:*:*:*:*OR cpe:/o:sco:openserver:5.0:*:*:*:*:*:*:*OR cpe:/o:sco:openserver:5.0.2:*:*:*:*:*:*:* Configuration CCN 1: cpe:/a:sendmail:sendmail:*:*:*:*:*:*:*:*AND cpe:/o:ibm:aix:*:*:*:*:*:*:*:*OR cpe:/o:windriver:bsdos:*:*:*:*:*:*:*:*OR cpe:/o:hp:hp-ux:*:*:*:*:*:*:*:*OR cpe:/o:sgi:irix:*:*:*:*:*:*:*:*OR cpe:/o:linux:linux_kernel:*:*:*:*:*:*:*:*OR cpe:/o:sun:solaris:*:*:*:*:*:*:*:*OR cpe:/a:data_general:dg_ux:*:*:*:*:*:*:*:*OR cpe:/o:sco:unix:*:*:*:*:*:*:*:*OR cpe:/o:compaq:tru64:*:*:*:*:*:*:*:*
Denotes that component is vulnerable |
BACK |