CVE-1999-1398

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-1999-1398
Vulnerability in xfsdump in SGI IRIX may allow local users to obtain root privileges via the bck.log log file, possibly via a symlink attack.

6.2 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:L/AC:H/Au:N/C:C/I:C/A:C

Exploitability : 1.9 / Impact : 10.0

Access Vector LOCAL

Access Complexity HIGH

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References
Link Resource
http://marc.info/?l=bugtraq&m=87602167420921&w=2
http://www.insecure.org/sploits/irix.xfsdump.html
http://www.securityfocus.com/bid/472 Exploit Patch Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:sgi:irix:5.0:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:5.0.1:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:5.1:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:5.1.1:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:5.2:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:5.3:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:5.3:*:xfs:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.0:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.0.1:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.0.1:*:xfs:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.1:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.2:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.3:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.4:*:*:*:*:*:*:*
History

No history.

Information

Published : 1997-05-07 04:00

Updated : 2016-10-18 02:04

NVD link : CVE-1999-1398

Mitre link : CVE-1999-1398

CVE.ORG link : CVE-1999-1398

JSON object : View

Products Affected

sgi

  • irix
CWE
NVD-CWE-Other