| Vulnerability Name: | CVE-1999-1041 (CCN-1379) | ||||||||
| Assigned: | 1998-08-27 | ||||||||
| Published: | 1998-08-27 | ||||||||
| Updated: | 2016-10-18 | ||||||||
| Summary: | Buffer overflow in mscreen on SCO OpenServer 5.0 and SCO UNIX 3.2v4 allows a local user to gain root access via (1) a long TERM environmental variable and (2) a long entry in the .mscreenrc file. | ||||||||
| CVSS v3 Severity: | 9.3 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
| ||||||||
| CVSS v2 Severity: | 7.2 High (CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | Gain Privileges | ||||||||
| References: | Source: SCO Type: UNKNOWN SB-98.05a Source: CCN Type: BugTraq Mailing List, Thu, 27 Aug 1998 14:08:48 -0400 SCO mscreen vul. Source: CCN Type: BugTraq Mailing List, Sat, 26 Sep 1998 12:20:04 +0400 Root exploit for SCO OpenServer. Source: MITRE Type: CNA CVE-1999-1041 Source: MITRE Type: CNA CVE-1999-1185 Source: CCN Type: CERT Vendor-Initiated Bulletin VB-98.10 Security Vulnerabilities in "mscreen" Serial Multiscreens Utility Source: BUGTRAQ Type: UNKNOWN 19980926 Root exploit for SCO OpenServer. Source: CERT Type: Patch, Third Party Advisory, US Government Resource VB-98.10 Source: CCN Type: OSVDB ID: 8791 SCO UNIX / OpenServer mscreen Multiple Vector Local Overflow Source: CCN Type: SCO Security Web site Security Fixes Source: BUGTRAQ Type: Vendor Advisory 19980827 SCO mscreen vul. Source: XF Type: UNKNOWN sco-openserver-mscreen-bo(1379) | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| BACK | |||||||||