| Vulnerability Name: | CVE-1999-1415 (CCN-515) | ||||||||
| Assigned: | 1991-08-23 | ||||||||
| Published: | 1991-08-23 | ||||||||
| Updated: | 2008-09-05 | ||||||||
| Summary: | Vulnerability in /usr/bin/mail in DEC ULTRIX before 4.2 allows local users to gain privileges. | ||||||||
| CVSS v3 Severity: | 5.9 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
| ||||||||
| CVSS v2 Severity: | 4.6 Medium (CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | Gain Privileges | ||||||||
| References: | Source: CCN Type: SGI Security Advisory 19950126-01-A CERT CA-95:02 Vulnerabilities in /bin/mail Source: CCN Type: SGI Security Advisory 19950126-01-I CERT CA-95:02 Vulnerabilities in /bin/mail Source: MITRE Type: CNA CVE-1999-1415 Source: MITRE Type: CNA CVE-1999-1438 Source: CCN Type: Sun Microsystems, Inc. Security Bulletin #00105 /bin/mail can be caused to invoke a root shell if given the (im)proper arguments. Source: CCN Type: CERT Advisory CA-1995-02 Vulnerabilities in /bin/mail Source: CCN Type: CERT Advisory CA-1991-01 REVISED SunOS /bin/mail Vulnerability Source: CCN Type: CERT Advisory CA-1991-13 DEC ULTRIX /usr/bin/mail Vulnerability Source: CERT Type: Patch, Third Party Advisory, US Government Resource CA-91.13 Source: CCN Type: CIAC Information Bulletin B-32 Critical Facts about /usr/bin/mail Security Problem Source: CCN Type: OSVDB ID: 8742 SunOS /bin/mail Command Line Privilege Escalation Source: CCN Type: OSVDB ID: 8749 Ultrix /usr/bin/mail Local Privilege Escalation Source: CCN Type: BID-15 SunOS /bin/mail Vulnerability Source: BID Type: UNKNOWN 27 Source: CCN Type: BID-27 Ultrix /usr/bin/mail Vulnerability Source: CCN Type: Sendmail Consortium Web site Welcome to sendmail.org Source: XF Type: UNKNOWN bsd-binmail(515) | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| BACK | |||||||||