CVE-1999-1468

3 documents3 sources

Severity

6.2MEDIUM

EPSS

0.1%

top 75.42%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cray Unicos Next Next SGI Irix +1 more

Timeline

PublishedOct 22

Latest updateApr 30

Description

rdist in various UNIX systems uses popen to execute sendmail, which allows local users to gain root privileges by modifying the IFS (Internal Field Separator) variable.

CVSS vector

AV:L/AC:H/C:C/I:C/A:CExploitability: 1.9 | Impact: 10.0

Affected Packages4 packages

▶NVDsgi/irix5 versions+4

▶NVDnext/next2.0, 2.1+1

▶NVDsun/sunos5 versions+4

▶NVDcray/unicos6.0, 6.0e, 6.1+2

Patches

Patch: www.cert.org ↗Patch: www.securityfocus.com ↗Patch: www.cert.org ↗

🔴Vulnerability Details

GHSA

GHSA-9pmj-mqc2-hx2p: rdist in various UNIX systems uses popen to execute sendmail, which allows local users to gain root privileges by modifying the IFS (Internal Field Se↗2022-04-30

▶

CVEList

CVE-1999-1468: rdist in various UNIX systems uses popen to execute sendmail, which allows local users to gain root privileges by modifying the IFS (Internal Field Se↗2003-04-02

▶