| Vulnerability Name: | CVE-1999-1458 (CCN-3138) | ||||||||
| Assigned: | 1999-01-25 | ||||||||
| Published: | 1999-01-25 | ||||||||
| Updated: | 2017-12-19 | ||||||||
| Summary: | Buffer overflow in at program in Digital UNIX 4.0 allows local users to gain root privileges via a long command line argument. | ||||||||
| CVSS v3 Severity: | 9.3 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
| ||||||||
| CVSS v2 Severity: | 7.2 High (CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | Gain Privileges | ||||||||
| References: | Source: CCN Type: BugTraq Mailing List, Mon, 25 Jan 1999 12:21:45 -0800 Digital Unix 4.0 exploitable buffer overflows Source: CCN Type: BugTraq Mailing List, Mon, 1 Feb 1999 13:41:25 -0800 Digital Unix Buffer Overflows: Exploits Source: CCN Type: CIAC Information Bulletin J-027 Digital Unix Vulnerabilities ( at , inc ) Source: MITRE Type: CNA CVE-1999-1458 Source: CCN Type: Compaq Services Software Patches Executable stacks allow suid applications to exploit security hole Source: CCN Type: Compaq Computer Corporation Advisory SSRT0583U DIGITAL UNIX at & inc V4.0, V4.0a, V4.0b, V4.0c, V4.0d, V4.0e - Potential Security Vulnerability Source: SCO Type: Patch, Vendor Advisory SSRT0583U Source: CCN Type: OSVDB ID: 8763 Digital Unix at Command Line Argument Privilege Escalation Source: BUGTRAQ Type: Exploit, Patch, Vendor Advisory 19990125 Digital Unix 4.0 exploitable buffer overflows Source: XF Type: UNKNOWN du-at(3138) Source: XF Type: UNKNOWN du-at(3138) | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| BACK | |||||||||