Vulnerabilities > CVE-1999-0298

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

slackware

sun

NVD

Published: 1997-02-05

Updated: 2008-09-09

Summary

ypbind with -ypset and -ypsetme options activated in Linux Slackware and SunOS allows local and remote attackers to overwrite files via a .. (dot dot) attack.

Vulnerable Configurations

Part	Description	Count
OS	Slackware Slackware Slackware Linux 2.1 Slackware Slackware Linux 2.2 Slackware Slackware Linux 2.3	3
OS	Sun SUN Sunos 4.1.3 SUN Sunos 4.1.4	2

References

http://www.nai.com/nai_labs/asp_set/advisory/06_ypbindsetme_adv.asp

Vulnerabilities > CVE-1999-0298 {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"CVE-1999-0298"}]}

Summary

Vulnerable Configurations

References

Vulnerabilities > CVE-1999-0298