Vulnerability Description
passwd in SunOS 4.1.x allows local users to overwrite arbitrary files via a symlink attack and the -F command line argument.
CVSS Score
6.2
MEDIUM
AV:L/AC:H/Au:N/C:C/I:C/A:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sun | Sunos | 4.1 |
References
- http://www.dataguard.no/bugtraq/1994_4/0755.htmlPatchVendor Advisory
- http://www2.dataguard.no/bugtraq/1994_2/0197.htmlExploitPatchVendor Advisory
- http://www2.dataguard.no/bugtraq/1994_2/0207.htmlPatch
- http://www.dataguard.no/bugtraq/1994_4/0755.htmlPatchVendor Advisory
- http://www2.dataguard.no/bugtraq/1994_2/0197.htmlExploitPatchVendor Advisory
- http://www2.dataguard.no/bugtraq/1994_2/0207.htmlPatch
FAQ
What is CVE-1999-1388?
CVE-1999-1388 is a vulnerability with a CVSS score of 6.2 (MEDIUM). passwd in SunOS 4.1.x allows local users to overwrite arbitrary files via a symlink attack and the -F command line argument.
How severe is CVE-1999-1388?
CVE-1999-1388 has been rated MEDIUM with a CVSS base score of 6.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-1999-1388?
Check the references section above for vendor advisories and patch information. Affected products include: Sun Sunos.