Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-1999-0864

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-1999-0864
Last Modified 09 Sep 2008 08:36:03
Published 03 Dec 1999 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-1999-0864

Summary

UnixWare programs that dump core allow a local user to modify files via a symlink attack on the ./core.pid file.

Vulnerable Systems

Operating System

  • Sco Unixware 7.0

  • Sco Unixware 7.0.1

  • Sco Unixware 7.1

  • Sco Unixware 7.1.1


References

BUGTRAQ - 19991202 UnixWare coredumps follow symlinks

BID - 851

BUGTRAQ - 19991223 FYI, SCO Security patches available.

BUGTRAQ - 19991220 SCO OpenServer Security Status

BUGTRAQ - 19991215 Recent postings about SCO UnixWare 7


Last Updated: 27 May 2016 10:35:10