Vulnerability Description
NetWare NFS mode 1 and 2 implements the "Read Only" flag in Unix by changing the ownership of a file to root, which allows local users to gain root privileges by creating a setuid program and setting it to "Read Only," which NetWare-NFS changes to a setuid root program.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Novell | Netware | All versions |
References
- http://marc.info/?l=bugtraq&m=88427711321769&w=2
- http://marc.info/?l=bugtraq&m=90295697702474&w=2
- http://support.novell.com/cgi-bin/search/tidfinder.cgi?2940551PatchVendor Advisory
- http://www.iss.net/security_center/static/7246.php
- http://marc.info/?l=bugtraq&m=88427711321769&w=2
- http://marc.info/?l=bugtraq&m=90295697702474&w=2
- http://support.novell.com/cgi-bin/search/tidfinder.cgi?2940551PatchVendor Advisory
- http://www.iss.net/security_center/static/7246.php
FAQ
What is CVE-1999-1382?
CVE-1999-1382 is a vulnerability with a CVSS score of 7.2 (HIGH). NetWare NFS mode 1 and 2 implements the "Read Only" flag in Unix by changing the ownership of a file to root, which allows local users to gain root privileges by creating a setuid program and setting ...
How severe is CVE-1999-1382?
CVE-1999-1382 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-1999-1382?
Check the references section above for vendor advisories and patch information. Affected products include: Novell Netware.