Lucene search

[email protected]CVE-1999-1382

HistoryMar 09, 2002 - 5:00 a.m.

CVE-1999-1382

2002-03-0905:00:00

[email protected]

web.nvd.nist.gov

cve-1999-1382

netware nfs

unix

read only flag

gain root privileges

setuid program

nvd

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

6.9 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

19.8%

JSON

NetWare NFS mode 1 and 2 implements the “Read Only” flag in Unix by changing the ownership of a file to root, which allows local users to gain root privileges by creating a setuid program and setting it to “Read Only,” which NetWare-NFS changes to a setuid root program.

Affected configurations

NVD

Node

novellnetware

CPENameOperatorVersion
novell:netwarenovell netwareeq*

CPE	Name	Operator	Version
novell:netware	novell netware	eq	*

References

marc.info/?l=bugtraq&m=88427711321769&w=2

marc.info/?l=bugtraq&m=90295697702474&w=2

support.novell.com/cgi-bin/search/tidfinder.cgi?2940551

www.iss.net/security_center/static/7246.php

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

6.9 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

19.8%

JSON

Related for CVE-1999-1382

nvd1 cvelist1