Vulnerabilities > CVE-1999-0138

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

NVD

Published: 1996-06-26

Updated: 2024-11-20

Summary

The suidperl and sperl program do not give up root privileges when changing UIDs back to the original users, allowing root access.

Vulnerable Configurations

Part	Description	Count
OS	Ibm IBM AIX 4 IBM AIX 3.2.5	2
OS	Linux Linux Linux Kernel 1.2.0 Linux Linux Kernel 2.0	2
OS	Nec NEC EWS UX V 4.2Mp NEC EWS UX V 4.2 NEC ASL UX 4800 * NEC UP UX V 4.2Mp	4
OS	Digital Digital OSF 1 1.3	1
OS	Freebsd Freebsd Freebsd 2.0.5 Freebsd Freebsd 2.1.0 Freebsd Freebsd 2.0	3
OS	Hp HP HP UX 8 HP HP UX 9 HP HP UX 10	3
OS	Apple Apple A UX 3.1.1	1

References

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.