CVE-1999-0298

3 documents3 sources

Severity

7.5HIGH

EPSS

1.6%

top 18.41%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Slackware Slackware Linux SUN Sunos

Timeline

PublishedFeb 5

Latest updateApr 30

Description

ypbind with -ypset and -ypsetme options activated in Linux Slackware and SunOS allows local and remote attackers to overwrite files via a .. (dot dot) attack.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages2 packages

▶NVDslackware/slackware_linux2.1, 2.2, 2.3+2

▶NVDsun/sunos4.1.3, 4.1.4+1

🔴Vulnerability Details

GHSA

GHSA-qmpj-76fg-rqm3: ypbind with -ypset and -ypsetme options activated in Linux Slackware and SunOS allows local and remote attackers to overwrite files via a↗2022-04-30

▶

CVEList

CVE-1999-0298: ypbind with -ypset and -ypsetme options activated in Linux Slackware and SunOS allows local and remote attackers to overwrite files via a↗2000-02-04

▶