ID

VAR-199708-0008


CVE

CVE-1999-0524


TITLE

Linux kernel Information disclosure vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-199708-003

DESCRIPTION

ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts. McAfee Data Loss Prevention (DLP) is a set of data loss prevention solutions from McAfee. The solution protects intellectual property and ensures compliance by protecting the environment in which sensitive data resides (on-premise, in the cloud, or on the endpoint). Cross-site scripting vulnerabilities and cross-site request forgery vulnerabilities exist in McAfee DLP. When the user browses the affected website, his browser will execute any script code provided by the attacker, which may cause the attacker to steal cookie-based authentication, perform unauthorized operations, leak or modify sensitive information, or other forms may exist. s attack. Other attacks may also be possible

Trust: 1.8

sources: NVD: CVE-1999-0524 // CNNVD: CNNVD-201308-265 // BID: 61811 // VULHUB: VHN-522

AFFECTED PRODUCTS

vendor:hpmodel:hp-uxscope:eqversion: -

Trust: 1.0

vendor:windrivermodel:bsdosscope:eqversion: -

Trust: 1.0

vendor:linuxmodel:kernelscope:eqversion: -

Trust: 1.0

vendor:microsoftmodel:windowsscope:eqversion: -

Trust: 1.0

vendor:scomodel:unixscope:eqversion: -

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion: -

Trust: 1.0

vendor:sgimodel:irixscope:eqversion: -

Trust: 1.0

vendor:ibmmodel:aixscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion: -

Trust: 1.0

vendor:novellmodel:netwarescope:eqversion: -

Trust: 1.0

vendor:oraclemodel:solarisscope:eqversion: -

Trust: 1.0

vendor:hpmodel:tru64scope:eqversion: -

Trust: 1.0

vendor:ibmmodel:os2scope:eqversion: -

Trust: 1.0

vendor:applemodel:macosscope:eqversion: -

Trust: 1.0

vendor:linuxmodel:kernelscope: - version: -

Trust: 0.6

vendor:mcafeemodel:network data loss preventionscope:eqversion:9.2.2

Trust: 0.3

vendor:mcafeemodel:network data loss preventionscope:eqversion:9.2.1

Trust: 0.3

vendor:mcafeemodel:network data loss preventionscope:eqversion:9.2.0

Trust: 0.3

vendor:mcafeemodel:network data loss preventionscope:eqversion:8.6

Trust: 0.3

vendor:mcafeemodel:network data loss preventionscope:neversion:9.3

Trust: 0.3

sources: BID: 61811 // CNNVD: CNNVD-199708-003 // NVD: CVE-1999-0524

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-1999-0524
value: LOW

Trust: 1.0

CNNVD: CNNVD-199708-003
value: LOW

Trust: 0.6

VULHUB: VHN-522
value: LOW

Trust: 0.1

nvd@nist.gov: CVE-1999-0524
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:P/I:N/A:N
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

VULHUB: VHN-522
severity: LOW
baseScore: 0.0
vectorString: AV:L/AC:L/AU:N/C:N/I:N/A:N
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 0.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-522 // CNNVD: CNNVD-199708-003 // NVD: CVE-1999-0524

PROBLEMTYPE DATA

problemtype:CWE-200

Trust: 1.1

problemtype:NVD-CWE-noinfo

Trust: 1.0

sources: VULHUB: VHN-522 // NVD: CVE-1999-0524

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-199708-003

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-199708-003

EXTERNAL IDS

db:MCAFEEid:SB10053

Trust: 2.0

db:NVDid:CVE-1999-0524

Trust: 1.7

db:JUNIPERid:JSA10705

Trust: 1.7

db:OSVDBid:95

Trust: 1.7

db:BIDid:61811

Trust: 0.9

db:CNNVDid:CNNVD-199708-003

Trust: 0.7

db:CNNVDid:CNNVD-201308-265

Trust: 0.6

db:VULHUBid:VHN-522

Trust: 0.1

sources: VULHUB: VHN-522 // BID: 61811 // CNNVD: CNNVD-199708-003 // CNNVD: CNNVD-201308-265 // NVD: CVE-1999-0524

REFERENCES

url:https://kc.mcafee.com/corporate/index?page=content&id=sb10053

Trust: 1.9

url:http://descriptions.securescout.com/tc/11010

Trust: 1.7

url:http://descriptions.securescout.com/tc/11011

Trust: 1.7

url:http://www.osvdb.org/95

Trust: 1.7

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/306

Trust: 1.7

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/322

Trust: 1.7

url:http://kb.juniper.net/infocenter/index?page=content&id=jsa10705

Trust: 1.6

url:http://kb.vmware.com/selfservice/microsites/search.do?cmd=displaykc&externalid=1434

Trust: 1.6

url:http://www.securityfocus.com/bid/61811

Trust: 0.6

url:http://www.mcafee.com/us/products/data-protection/data-loss-prevention.aspx

Trust: 0.3

url:http://kb.juniper.net/infocenter/index?page=content&id=jsa10705

Trust: 0.1

url:https://kc.mcafee.com/corporate/index?page=content&id=sb10053

Trust: 0.1

url:http://kb.vmware.com/selfservice/microsites/search.do?cmd=displaykc&externalid=1434

Trust: 0.1

sources: VULHUB: VHN-522 // BID: 61811 // CNNVD: CNNVD-199708-003 // CNNVD: CNNVD-201308-265 // NVD: CVE-1999-0524

CREDITS

ANZ Bank, BAE Systems, Graham Bell of Stratsec.Detica, Jamie Ooi, DirecTV, Xylinx, and Telstra

Trust: 0.9

sources: BID: 61811 // CNNVD: CNNVD-201308-265

SOURCES

db:VULHUBid:VHN-522
db:BIDid:61811
db:CNNVDid:CNNVD-199708-003
db:CNNVDid:CNNVD-201308-265
db:NVDid:CVE-1999-0524

LAST UPDATE DATE

2024-08-14T12:14:30.147000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-522date:2017-07-11T00:00:00
db:BIDid:61811date:2013-08-13T00:00:00
db:CNNVDid:CNNVD-199708-003date:2022-11-17T00:00:00
db:CNNVDid:CNNVD-201308-265date:2013-08-20T00:00:00
db:NVDid:CVE-1999-0524date:2022-11-14T19:33:21.037

SOURCES RELEASE DATE

db:VULHUBid:VHN-522date:1997-08-01T00:00:00
db:BIDid:61811date:2013-08-13T00:00:00
db:CNNVDid:CNNVD-199708-003date:1997-08-01T00:00:00
db:CNNVDid:CNNVD-201308-265date:2013-08-20T00:00:00
db:NVDid:CVE-1999-0524date:1997-08-01T04:00:00