| Vulnerability Name: | CVE-1999-1391 (CCN-7143) | ||||||||
| Assigned: | 1990-10-03 | ||||||||
| Published: | 1990-10-03 | ||||||||
| Updated: | 2008-09-05 | ||||||||
| Summary: | Vulnerability in NeXT 1.0a and 1.0 with publicly accessible printers allows local users to gain privileges via a combination of the npd program and weak directory permissions. | ||||||||
| CVSS v3 Severity: | 9.3 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
| ||||||||
| CVSS v2 Severity: | 7.2 High (CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | Gain Privileges | ||||||||
| References: | Source: CCN Type: CIAC Information Bulletin B-01 Security Problem on the NeXT Operating System Source: CIAC Type: Patch, Vendor Advisory B-01 Source: MITRE Type: CNA CVE-1999-1391 Source: CCN Type: CERT Advisory CA-1990-06 NeXT's System Software Source: CERT Type: Patch, Third Party Advisory, US Government Resource CA-1990-06 Source: XF Type: UNKNOWN nextstep-npd-root-access(7143) Source: CCN Type: OSVDB ID: 8768 NeXTstep npd Local Privilege Escalation Source: BID Type: UNKNOWN 10 Source: CCN Type: BID-10 NeXTstep npd Vulnerability Source: CCN Type: BID-1000 Microsoft Windows Media Services Handshake Sequence DoS Vulnerability Source: CCN Type: BID-10002 cPanel Multiple Module Cross-Site Scripting Vulnerabilities Source: CCN Type: BID-10003 TCPDump ISAKMP Delete Payload Buffer Overrun Vulnerability Source: CCN Type: BID-10004 TCPDump ISAKMP Identification Payload Integer Underflow Vulnerability Source: CCN Type: BID-10005 Interchange Remote Information Disclosure Vulnerability Source: CCN Type: BID-10007 Clam Anti-Virus ClamAV Arbitrary Command Execution Vulnerability Source: CCN Type: BID-10008 MPlayer Remote HTTP Header Buffer Overflow Vulnerability Source: CCN Type: BID-10009 Oracle Single Sign-On Login Page Authentication Credential Disclosure Vulnerability Source: CCN Type: BID-1001 InterAccess TelnetD Server 4.0 Terminal Configuration Vulnerability Source: CCN Type: BID-10010 LinBit Technologies LINBOX Officeserver Remote Authentication Bypass Vulnerability Source: CCN Type: BID-10013 PHPKit Multiple HTML Injection Vulnerabilities Source: CCN Type: BID-10017 JamesOff QuoteEngine Multiple Parameter Unspecified SQL Injection Vulnerability Source: CCN Type: BID-10018 MadBMS Unspecified Login Vulnerability Source: CCN Type: BID-10019 Cactusoft CactuShop SQL Injection Vulnerability Source: CCN Type: BID-1002 Sambar Server Batch CGI Vulnerability Source: CCN Type: BID-10020 CactuSoft CactuShop Cross-Site Scripting Vulnerability Source: CCN Type: BID-10022 Roger Wilco Server UDP Datagram Handling Denial Of Service Vulnerability Source: CCN Type: BID-10024 Roger Wilco Information Disclosure Vulnerability Source: CCN Type: BID-10025 Roger Wilco Server Unauthorized Audio Stream Denial Of Service Vulnerability Source: CCN Type: BID-10026 ADA IMGSVR Remote Directory Listing Vulnerability Source: CCN Type: BID-10027 ADA IMGSVR Remote File Download Vulnerability Source: CCN Type: BID-10028 OpenBSD ISAKMPD Zero Payload Length Denial Of Service Vulnerability Source: CCN Type: BID-1003 FTPx FTP Explorer Weak Password Encryption Vulnerability Source: CCN Type: BID-10033 HAHTsite Scenario Server Project File Name Buffer Overrun Vulnerability Source: CCN Type: BID-10036 Macromedia Dreamweaver Remote User Database Access Vulnerability Source: CCN Type: BID-10037 SGI IRIX ftpd Multiple Denial Of Service Vulnerabilities Source: XF Type: UNKNOWN nextstep-npd-root-access(7143) | ||||||||
| Vulnerable Configuration: | Configuration 1: Denotes that component is vulnerable | ||||||||
| BACK | |||||||||