Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-1999-0405 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Linux

8 documents4 sources

Severity

7.2HIGHNVD

EPSS

0.4%

top 40.63%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Debian Linux Freebsd Redhat Linux +1 more

Timeline

PublishedFeb 18

Latest updateApr 30

Description

A buffer overflow in lsof allows local users to obtain root privilege.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages2 packages

▶NVDredhat/linux5.2

▶NVDsuse/suse_linux10 versions+9

Also affects: Freebsd 2.0, 2.0.5, 2.1.0, 2.1.5, 2.1.6, 2.1.7.1, 2.2.2, 2.2.3, 2.2.4, 2.2.5, 2.2.6, 2.2.8, 3.0, 3.1, 3.2, Debian Linux 2.0, 2.0.5

🔴Vulnerability Details

GHSA

GHSA-72r6-cpj9-gh8x: A buffer overflow in lsof allows local users to obtain root privilege↗2022-04-30

▶

CVEList

CVE-1999-0405: A buffer overflow in lsof allows local users to obtain root privilege↗1999-09-29

▶

💥Exploits & PoCs

Exploit-DB

Stake AntiSniff 1.0.1/Researchers 1.0 - DNS Overflow (3)↗2000-05-16

▶

Exploit-DB

Stake AntiSniff 1.0.1/Researchers 1.0 - DNS Overflow (1)↗2000-05-16

▶

Exploit-DB

Stake AntiSniff 1.0.1/Researchers 1.0 - DNS Overflow (2)↗2000-05-16

▶

Exploit-DB

Debian 2.0/2.0 r5 / FreeBSD 3.2 / OpenBSD 2.4 / RedHat 5.2 i386 / S.u.S.E 6.1 - 'Lsof' Local Buffer Overflow (2)↗1999-02-17

▶

Exploit-DB

Debian 2.0/2.0 r5 / FreeBSD 3.2 / OpenBSD 2.4 / RedHat 5.2 i386 / S.u.S.E 6.1 - 'Lsof' Local Buffer Overflow (1)↗1999-02-17

▶