Vulnerability Name: | CVE-1999-0132 (CCN-401) |
Assigned: | 1993-06-01 |
Published: | 1993-06-01 |
Updated: | 2018-10-30 |
Summary: | Expreserve, as used in vi and ex, allows local users to overwrite arbitrary files and gain root access.
|
CVSS v3 Severity: | 4.0 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)Exploitability Metrics: | Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None | Scope: | Scope (S): Unchanged
| Impact Metrics: | Confidentiality (C): Low Integrity (I): None Availibility (A): None |
|
CVSS v2 Severity: | 2.1 Low (CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N)Exploitability Metrics: | Access Vector (AV): Local Access Complexity (AC): Low Authentication (Au): None | Impact Metrics: | Confidentiality (C): Partial Integrity (I): None Availibility (A): None | 2.1 Low (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N)Exploitability Metrics: | Access Vector (AV): Local Access Complexity (AC): Low Athentication (Au): None
| Impact Metrics: | Confidentiality (C): Partial Integrity (I): None Availibility (A): None |
|
Vulnerability Type: | CWE-Other
|
Vulnerability Consequences: | File Manipulation |
References: | Source: CCN Type: SGI Security Advisory 19960802-01-I Vulnerability in expreserve
Source: MITRE Type: CNA CVE-1999-0132
Source: CCN Type: Hewlett-Packard Company Security Bulletin HPSBUX9607-033 Security Vulnerability in expreserve
Source: CCN Type: CERT Advisory CA-1996-19 Vulnerability in expreserve
Source: CERT Type: US Government Resource CA-1996-19
Source: OSVDB Type: UNKNOWN 11723
Source: CCN Type: OSVDB ID: 11723 expreserve Race Condition Arbitrary File Overwrite Privilege Escalation
Source: XF Type: UNKNOWN expreserve(401)
Source: XF Type: UNKNOWN expreserve(401)
|
Vulnerable Configuration: | Configuration 1: cpe:/o:hp:hp-ux:9:*:*:*:*:*:*:*OR cpe:/o:hp:hp-ux:10:*:*:*:*:*:*:*OR cpe:/o:sun:solaris:2.4:*:x86:*:*:*:*:*OR cpe:/o:sun:sunos:4.1.1:*:*:*:*:*:*:*OR cpe:/o:sun:sunos:4.1.2:*:*:*:*:*:*:*OR cpe:/o:sun:sunos:4.1.3:*:*:*:*:*:*:*OR cpe:/o:sun:sunos:4.1.3c:*:*:*:*:*:*:*OR cpe:/o:sun:sunos:4.1.3u1:*:*:*:*:*:*:*OR cpe:/o:sun:sunos:5.0:*:*:*:*:*:*:*OR cpe:/o:sun:sunos:5.1:*:*:*:*:*:*:*OR cpe:/o:sun:sunos:5.2:*:*:*:*:*:*:*OR cpe:/o:sun:sunos:5.3:*:*:*:*:*:*:*OR cpe:/o:sun:sunos:5.4:*:*:*:*:*:*:* Configuration CCN 1: cpe:/o:hp:hp-ux:10.00:*:*:*:*:*:*:*OR cpe:/o:hp:hp-ux:10.01:*:*:*:*:*:*:*OR cpe:/o:hp:hp-ux:10.10:*:*:*:*:*:*:*OR cpe:/o:hp:hp-ux:10.20:*:*:*:*:*:*:*OR cpe:/o:hp:hp-ux:9.01:*:*:*:*:*:*:*OR cpe:/o:hp:hp-ux:9.00:*:*:*:*:*:*:*OR cpe:/o:hp:hp-ux:9.03:*:*:*:*:*:*:*OR cpe:/o:hp:hp-ux:9.04:*:*:*:*:*:*:*OR cpe:/o:hp:hp-ux:9.05:*:*:*:*:*:*:*OR cpe:/o:hp:hp-ux:9.06:*:*:*:*:*:*:*OR cpe:/o:hp:hp-ux:9.07:*:*:*:*:*:*:*OR cpe:/o:hp:hp-ux:9.08:*:*:*:*:*:*:*OR cpe:/o:hp:hp-ux:9.09:*:*:*:*:*:*:*OR cpe:/o:hp:hp-ux:9.10:*:*:*:*:*:*:*
Denotes that component is vulnerable |
BACK |