Vulnerabilities > CVE-1999-0691

047910
CVSS 7.2 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
local
low complexity
cde
digital
ibm
sun
exploit available
NVD
Published: 1999-09-13
Updated: 2018-10-30

Summary

Buffer overflow in the AddSuLog function of the CDE dtaction utility allows local users to gain root privileges via a long user name.

Vulnerable Configurations

Part Description Count
Application
Cde
6
OS
Digital
3
OS
Ibm
11
OS
Sun
8

Exploit-Db

descriptionTRU64/DIGITAL UNIX 4.0 d/e/f,AIX 4.3.2,Common Desktop Environment 2.1,IRIX 6.5.14,Solaris 7.0 dtaction Userflag Buffer Overflow Vulnerability. CVE-1999-0691....
idEDB-ID:19497
last seen2016-02-02
modified1999-09-13
published1999-09-13
reporterJob de Haas of ITSX
sourcehttps://www.exploit-db.com/download/19497/
titleDIGITAL UNIX 4.0 d/e/f,AIX <= 4.3.2,CDE <= 2.1,IRIX <= 6.5.14,Solaris <= 7.0 - Buffer Overflow

Oval

accepted2005-03-09T07:56:00.000-04:00
classvulnerability
contributors
nameBrian Soby
organizationThe MITRE Corporation
descriptionBuffer overflow in the AddSuLog function of the CDE dtaction utility allows local users to gain root privileges via a long user name.
familyunix
idoval:org.mitre.oval:def:3078
statusaccepted
submitted2005-02-01T12:00:00.000-04:00
titleCDE AddSuLog Function Buffer Overflow
version35

References