Vulnerabilities > CVE-1999-1346 - Unspecified vulnerability in Redhat Linux

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

redhat

NVD

Published: 1999-10-07

Updated: 2016-10-18

Summary

PAM configuration file for rlogin in Red Hat Linux 6.1 and earlier includes a less restrictive rule before a more restrictive one, which allows users to access the host via rlogin even if rlogin has been explicitly disabled using the /etc/nologin file.

Vulnerable Configurations

Part	Description	Count
OS	Redhat Redhat Linux - Redhat Linux 1.0 Redhat Linux 1.1 Redhat Linux 2.0 Redhat Linux 2.0.34 Redhat Linux 2.1 Redhat Linux 2.4.2 Redhat Linux 2.6.2 Redhat Linux 3.0 Redhat Linux 3.0.3 Redhat Linux 4.0 Redhat Linux 4.1 Redhat Linux 4.2 Redhat Linux 5.0 Redhat Linux 5.1 Redhat Linux 5.2 Redhat Linux 6.0 Redhat Linux 6.1	18

References

http://marc.info/?l=bugtraq&m=93942774609925&w=2