| Vulnerability Name: | CVE-1999-1496 (CCN-2277) | ||||||||
| Assigned: | 1999-06-08 | ||||||||
| Published: | 1999-06-08 | ||||||||
| Updated: | 2017-12-19 | ||||||||
| Summary: | Sudo 1.5 in Debian Linux 2.1 and Red Hat 6.0 allows local users to determine the existence of arbitrary files by attempting to execute the target filename as a program, which generates a different error message when the file does not exist. | ||||||||
| CVSS v3 Severity: | 4.0 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
| ||||||||
| CVSS v2 Severity: | 2.1 Low (CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | Obtain Information | ||||||||
| References: | Source: MITRE Type: CNA CVE-1999-1496 Source: CCN Type: BugTraq Mailing List, 1999-06-08 19:23:55 unneeded information in sudo Source: CCN Type: OSVDB ID: 9052 sudo File Existence Information Disclosure Source: BUGTRAQ Type: Exploit, Vendor Advisory 19990608 unneeded information in sudo Source: BID Type: Vendor Advisory 321 Source: CCN Type: BID-321 Sudo Private File Existance Information Leakage Vulnerability Source: XF Type: UNKNOWN sudo-file-exists(2277) Source: XF Type: UNKNOWN sudo-file-exists(2277) | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration 2:  Denotes that component is vulnerable | ||||||||
| BACK | |||||||||