ID

VAR-199912-0023


CVE

CVE-1999-1102


TITLE

SGI  of  IRIX  Vulnerabilities in products from multiple vendors such as

Trust: 0.8

sources: JVNDB: JVNDB-1999-000075

DESCRIPTION

lpr on SunOS 4.1.1, BSD 4.3, A/UX 2.0.1, and other BSD-based operating systems allows local users to create or overwrite arbitrary files via a symlink attack that is triggered after invoking lpr 1000 times. SGI of IRIX Unspecified vulnerabilities exist in products from multiple vendors.None. SunOS is prone to a local security vulnerability. Attackers can exploit this issue to perform unauthorized actions. This may aid in further attacks. SunOS 4.1.1, BSD 4.3, A/UX 2.0.1, and other BSD-based operating systems have the lpr vulnerability

Trust: 1.98

sources: NVD: CVE-1999-1102 // JVNDB: JVNDB-1999-000075 // BID: 88452 // VULHUB: VHN-1083

AFFECTED PRODUCTS

vendor:bsdmodel:bsdscope:eqversion:4.3

Trust: 1.3

vendor:sunmodel:sunosscope:lteversion:4.1.1

Trust: 1.0

vendor:applemodel:a uxscope:eqversion:2.0.1

Trust: 1.0

vendor:sgimodel:irixscope:lteversion:5.2

Trust: 1.0

vendor:sgimodel:irixscope:eqversion:5.2

Trust: 0.9

vendor:アップルmodel:a/uxscope: - version: -

Trust: 0.8

vendor:サン マイクロシステムズmodel:solarisscope:lteversion:4.1.1 and earlier

Trust: 0.8

vendor:sgimodel:irixscope: - version: -

Trust: 0.8

vendor:bsdmodel:bsdscope: - version: -

Trust: 0.8

vendor:sunmodel:sunosscope:eqversion:4.1.1

Trust: 0.3

sources: BID: 88452 // JVNDB: JVNDB-1999-000075 // CNNVD: CNNVD-199912-156 // NVD: CVE-1999-1102

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-1999-1102
value: LOW

Trust: 1.0

NVD: CVE-1999-1102
value: LOW

Trust: 0.8

CNNVD: CNNVD-199912-156
value: LOW

Trust: 0.6

VULHUB: VHN-1083
value: LOW

Trust: 0.1

nvd@nist.gov: CVE-1999-1102
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:N/I:P/A:N
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-1083
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:N/I:P/A:N
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-1083 // JVNDB: JVNDB-1999-000075 // CNNVD: CNNVD-199912-156 // NVD: CVE-1999-1102

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

problemtype:others (CWE-Other) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-1999-000075 // NVD: CVE-1999-1102

THREAT TYPE

local

Trust: 0.9

sources: BID: 88452 // CNNVD: CNNVD-199912-156

TYPE

unknown

Trust: 0.6

sources: CNNVD: CNNVD-199912-156

PATCH

title:top pageurl:https://www.apple.com/

Trust: 0.8

sources: JVNDB: JVNDB-1999-000075

EXTERNAL IDS

db:NVDid:CVE-1999-1102

Trust: 3.6

db:JVNDBid:JVNDB-1999-000075

Trust: 0.8

db:CNNVDid:CNNVD-199912-156

Trust: 0.7

db:BUGTRAQid:19940307 8LGM ADVISORY RELEASES

Trust: 0.6

db:CIACid:E-25A

Trust: 0.6

db:BIDid:88452

Trust: 0.4

db:VULHUBid:VHN-1083

Trust: 0.1

sources: VULHUB: VHN-1083 // BID: 88452 // JVNDB: JVNDB-1999-000075 // CNNVD: CNNVD-199912-156 // NVD: CVE-1999-1102

REFERENCES

url:http://ciac.llnl.gov/ciac/bulletins/e-25.shtml

Trust: 3.8

url:http://www.phreak.org/archives/security/8lgm/8lgm.lpr

Trust: 3.8

url:http://www.aenigma.net/resources/maillist/bugtraq/1994/0091.htm

Trust: 3.0

url:https://nvd.nist.gov/vuln/detail/cve-1999-1102

Trust: 0.8

sources: VULHUB: VHN-1083 // BID: 88452 // JVNDB: JVNDB-1999-000075 // CNNVD: CNNVD-199912-156 // NVD: CVE-1999-1102

CREDITS

Unknown

Trust: 0.3

sources: BID: 88452

SOURCES

db:VULHUBid:VHN-1083
db:BIDid:88452
db:JVNDBid:JVNDB-1999-000075
db:CNNVDid:CNNVD-199912-156
db:NVDid:CVE-1999-1102

LAST UPDATE DATE

2024-11-22T23:11:44.796000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-1083date:2008-09-05T00:00:00
db:BIDid:88452date:1999-12-31T00:00:00
db:JVNDBid:JVNDB-1999-000075date:2024-05-13T09:03:00
db:CNNVDid:CNNVD-199912-156date:2005-05-02T00:00:00
db:NVDid:CVE-1999-1102date:2024-11-20T23:30:18.463

SOURCES RELEASE DATE

db:VULHUBid:VHN-1083date:1999-12-31T00:00:00
db:BIDid:88452date:1999-12-31T00:00:00
db:JVNDBid:JVNDB-1999-000075date:2024-05-13T00:00:00
db:CNNVDid:CNNVD-199912-156date:1999-12-31T00:00:00
db:NVDid:CVE-1999-1102date:1999-12-31T05:00:00