Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-1999-1461

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-1999-1461
Last Modified 10 Sep 2008 03:01:59
Published 07 May 1997 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-1999-1461

Summary

inpview in InPerson on IRIX 5.3 through IRIX 6.5.10 trusts the PATH environmental variable to find and execute the ttsession program, which allows local users to obtain root access by modifying the PATH to point to a Trojan horse ttsession program.

Vulnerable Systems

Operating System

  • Sgi Irix 5.3

  • Sgi Irix 6.1

  • Sgi Irix 6.2

  • Sgi Irix 6.3

  • Sgi Irix 6.4

  • Sgi Irix 6.5.10


References

BID - 381

SGI - 20001101-01-I

BUGTRAQ - 19970507 Irix: misc


Last Updated: 27 May 2016 10:35:26