Vulnerabilities > CVE-1999-1382 - Unspecified vulnerability in Novell Netware

CVSS 7.2 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

local

low complexity

novell

NVD

Published: 1999-12-31

Updated: 2016-10-18

Summary

NetWare NFS mode 1 and 2 implements the "Read Only" flag in Unix by changing the ownership of a file to root, which allows local users to gain root privileges by creating a setuid program and setting it to "Read Only," which NetWare-NFS changes to a setuid root program.

Vulnerable Configurations

Part	Description	Count
OS	Novell Novell Netware *	1

References

http://marc.info/?l=bugtraq&m=88427711321769&w=2
http://marc.info/?l=bugtraq&m=90295697702474&w=2
http://support.novell.com/cgi-bin/search/tidfinder.cgi?2940551
http://www.iss.net/security_center/static/7246.php