CVE-1999-1138
published 1993-09-17CVE-1999-1138: SCO UNIX System V/386 Release 3.2, and other SCO products, installs the home directories (1) /tmp for the dos user, and (2) /usr/tmp for the asg user, which…
PriorityP429critical10CVSS 2.0
AVNACLAuNCCICAC
EPSS
1.58%
72.4th percentile
SCO UNIX System V/386 Release 3.2, and other SCO products, installs the home directories (1) /tmp for the dos user, and (2) /usr/tmp for the asg user, which allows other users to gain access to those accounts since /tmp and /usr/tmp are world-writable.
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sco | open_desktop | — | — |
| sco | open_desktop | — | — |
| sco | open_desktop | — | — |
| sco | open_desktop_lite | — | — |
| sco | openserver | — | — |
| sco | unix | — | — |
| sco | unix | — | — |
| sco | unix | — | — |
| sco | unix | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
VulDB
SCO Unix Temporary Folder Installer privileges management (CA-1993-13 / XFDB-546)
vuldb·2026-04-16·CVSS 10.0
CVE-1999-1138 [CRITICAL] SCO Unix Temporary Folder Installer privileges management (CA-1993-13 / XFDB-546)
A vulnerability classified as problematic has been found in SCO Unix. Affected by this issue is some unknown functionality of the component Temporary Folder Installer. This manipulation causes improper privilege management.
This vulnerability appears as CVE-1999-1138. The attack may be initiated remotely. There is no available exploit.
GHSA
GHSA-xjv5-hx29-64jx: SCO UNIX System V/386 Release 3
ghsa_unreviewed·2022-04-30
CVE-1999-1138 [HIGH] GHSA-xjv5-hx29-64jx: SCO UNIX System V/386 Release 3
SCO UNIX System V/386 Release 3.2, and other SCO products, installs the home directories (1) /tmp for the dos user, and (2) /usr/tmp for the asg user, which allows other users to gain access to those accounts since /tmp and /usr/tmp are world-writable.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
1993-09-17
Published