Vulnerability Description
SpectroSERVER in Cabletron Spectrum Enterprise Manager 5.0 installs a directory tree with insecure permissions, which allows local users to replace a privileged executable (processd) with a Trojan horse, facilitating a root or Administrator compromise.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cabletron | Spectrum Enterprise Manager | 5.0 |
References
- http://marc.info/?l=bugtraq&m=93024398513475&w=2
- http://marc.info/?l=bugtraq&m=93024398713491&w=2
- http://www.securityfocus.com/bid/495PatchVendor Advisory
- http://marc.info/?l=bugtraq&m=93024398513475&w=2
- http://marc.info/?l=bugtraq&m=93024398713491&w=2
- http://www.securityfocus.com/bid/495PatchVendor Advisory
FAQ
What is CVE-1999-1019?
CVE-1999-1019 is a vulnerability with a CVSS score of 7.2 (HIGH). SpectroSERVER in Cabletron Spectrum Enterprise Manager 5.0 installs a directory tree with insecure permissions, which allows local users to replace a privileged executable (processd) with a Trojan hor...
How severe is CVE-1999-1019?
CVE-1999-1019 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-1999-1019?
Check the references section above for vendor advisories and patch information. Affected products include: Cabletron Spectrum Enterprise Manager.