Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-1999-1138

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-1999-1138
Last Modified 05 Sep 2008 04:18:48
Published 17 Sep 1993 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-1999-1138

Summary

SCO UNIX System V/386 Release 3.2, and other SCO products, installs the home directories (1) /tmp for the dos user, and (2) /usr/tmp for the asg user, which allows other users to gain access to those accounts since /tmp and /usr/tmp are world-writable.

Vulnerable Systems

Operating System

  • Sco Open Desktop 1.0

  • Sco Open Desktop 2.0

  • Sco Open Desktop 3.0

  • Sco Open Desktop Lite 3.0

  • Sco Openserver 3.0

  • Sco Unix System V386 3.2 Operating System

  • Sco Unix System V386 3.2 Operating System 2.0

  • Sco Unix System V386 3.2 Operating System 4.0

  • Sco Unix System V386 3.2 Operating System 4.x


References

CERT - CA-1993-13

XF - sco-homedir(546)


Last Updated: 27 May 2016 10:35:18