CVE-1999-1288

3 documents3 sources
Severity
4.6MEDIUM
EPSS
0.1%
top 78.62%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Caldera OpenlinuxSamba Samba
Timeline
PublishedNov 19
Latest updateApr 30

Description

Samba 1.9.18 inadvertently includes a prototype application, wsmbconf, which is installed with incorrect permissions including the setgid bit, which allows local users to read and write files and possibly gain privileges via bugs in the program.

CVSS vector

AV:L/AC:L/C:P/I:P/A:PExploitability: 3.9 | Impact: 6.4

Affected Packages2 packages

NVDsamba/samba1.9.18
NVDcaldera/openlinux4 versions+3

Patches

Patch: www.caldera.comPatch: www.caldera.com

🔴Vulnerability Details

2
GHSA
GHSA-474f-x56w-f5p5: Samba 12022-04-30
CVEList
CVE-1999-1288: Samba 12002-03-09
CVE-1999-1288 (MEDIUM CVSS 4.6) | Samba 1.9.18 inadvertently includes | cvebase.io