Vulnerabilities > CVE-1999-0689

CVSS 7.2 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

local

low complexity

cde

sun

exploit available

NVD

Published: 1999-09-13

Updated: 2018-10-30

Summary

The CDE dtspcd daemon allows local users to execute arbitrary commands via a symlink attack.

Vulnerable Configurations

Part	Description	Count
Application	Cde CDE CDE 1.0.1 CDE CDE 1.0.2 CDE CDE 1.1 CDE CDE 1.2 CDE CDE 2.0 CDE CDE 2.1 CDE CDE 2.120	7
OS	Sun SUN Solaris 2.5 SUN Solaris 2.5.1 SUN Solaris 2.6 SUN Solaris 7.0 SUN Sunos - SUN Sunos 5.5 SUN Sunos 5.5.1 SUN Sunos 5.7	8

Exploit-Db

description	Common Desktop Environment 2.1 20,Solaris 7.0 dtspcd Vulnerability. CVE-1999-0689 . Local exploits for multiple platform
id	EDB-ID:19498
last seen	2016-02-02
modified	1999-09-13
published	1999-09-13
reporter	Job de Haas of ITSX
source	https://www.exploit-db.com/download/19498/
title	Common Desktop Environment <= 2.1 20,Solaris <= 7.0 dtspcd Vulnerability

Oval

accepted

2005-03-09T07:56:00.000-04:00

class

vulnerability

contributors

name	Brian Soby
organization	The MITRE Corporation

description

The CDE dtspcd daemon allows local users to execute arbitrary commands via a symlink attack.

family

unix

oval:org.mitre.oval:def:1880

status

accepted

submitted

2005-02-01T12:00:00.000-04:00

title

CDE dtspcd Daemon Symlink Vulnerability

version

Vulnerabilities > CVE-1999-0689 {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"CVE-1999-0689"}]}

Summary

Vulnerable Configurations

Exploit-Db

Oval

References

Vulnerabilities > CVE-1999-0689