Vulnerabilities > CVE-1999-0813 - Unspecified vulnerability in Infodrom Cfingerd

CVSS 7.2 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

local

low complexity

infodrom

NVD

Published: 1999-08-10

Updated: 2022-08-17

Summary

Cfingerd with ALLOW_EXECUTION enabled does not properly drop privileges when it executes a program on behalf of the user, allowing local users to gain root privileges.

Vulnerable Configurations

Part	Description	Count
Application	Infodrom Infodrom Cfingerd *	1

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0813