Details of VAR-199912-0023

ID

VAR-199912-0023

CVE

CVE-1999-1102

TITLE

SGI of IRIX Vulnerabilities in products from multiple vendors such as

Trust: 0.8

sources: JVNDB: JVNDB-1999-000075

DESCRIPTION

lpr on SunOS 4.1.1, BSD 4.3, A/UX 2.0.1, and other BSD-based operating systems allows local users to create or overwrite arbitrary files via a symlink attack that is triggered after invoking lpr 1000 times. SGI of IRIX Unspecified vulnerabilities exist in products from multiple vendors.None. SunOS is prone to a local security vulnerability. Attackers can exploit this issue to perform unauthorized actions. This may aid in further attacks. SunOS 4.1.1, BSD 4.3, A/UX 2.0.1, and other BSD-based operating systems have the lpr vulnerability

Trust: 1.98

sources: NVD: CVE-1999-1102 // JVNDB: JVNDB-1999-000075 // BID: 88452 // VULHUB: VHN-1083

AFFECTED PRODUCTS

vendor:	bsd	model:	bsd	scope:	eq	version:	4.3	Trust: 1.3
vendor:	sgi	model:	irix	scope:	lte	version:	5.2	Trust: 1.0
vendor:	apple	model:	a ux	scope:	eq	version:	2.0.1	Trust: 1.0
vendor:	sun	model:	sunos	scope:	lte	version:	4.1.1	Trust: 1.0
vendor:	sgi	model:	irix	scope:	eq	version:	5.2	Trust: 0.9
vendor:	アップル	model:	a/ux	scope:	-	version:	-	Trust: 0.8
vendor:	サンマイクロシステムズ	model:	solaris	scope:	lte	version:	4.1.1 and earlier	Trust: 0.8
vendor:	sgi	model:	irix	scope:	-	version:	-	Trust: 0.8
vendor:	bsd	model:	bsd	scope:	-	version:	-	Trust: 0.8
vendor:	sun	model:	sunos	scope:	eq	version:	4.1.1	Trust: 0.3

sources: BID: 88452 // JVNDB: JVNDB-1999-000075 // CNNVD: CNNVD-199912-156 // NVD: CVE-1999-1102

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-1999-1102
value:	LOW
Trust: 1.0
NVD:	CVE-1999-1102
value:	LOW
Trust: 0.8
CNNVD:	CNNVD-199912-156
value:	LOW
Trust: 0.6
VULHUB:	VHN-1083
value:	LOW
Trust: 0.1

nvd@nist.gov:	CVE-1999-1102
severity:	LOW
baseScore:	2.1
vectorString:	AV:L/AC:L/AU:N/C:N/I:P/A:N
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-1083
severity:	LOW
baseScore:	2.1
vectorString:	AV:L/AC:L/AU:N/C:N/I:P/A:N
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-1083 // JVNDB: JVNDB-1999-000075 // CNNVD: CNNVD-199912-156 // NVD: CVE-1999-1102

PROBLEMTYPE DATA

problemtype:	NVD-CWE-Other	Trust: 1.0
problemtype:	others (CWE-Other) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-1999-000075 // NVD: CVE-1999-1102

THREAT TYPE

local

Trust: 0.9

sources: BID: 88452 // CNNVD: CNNVD-199912-156

TYPE

unknown

Trust: 0.6

sources: CNNVD: CNNVD-199912-156

PATCH

title:

top page

url:

https://www.apple.com/

Trust: 0.8

sources: JVNDB: JVNDB-1999-000075

EXTERNAL IDS

db:	NVD	id:	CVE-1999-1102	Trust: 3.6
db:	JVNDB	id:	JVNDB-1999-000075	Trust: 0.8
db:	CNNVD	id:	CNNVD-199912-156	Trust: 0.7
db:	BUGTRAQ	id:	19940307 8LGM ADVISORY RELEASES	Trust: 0.6
db:	CIAC	id:	E-25A	Trust: 0.6
db:	BID	id:	88452	Trust: 0.4
db:	VULHUB	id:	VHN-1083	Trust: 0.1

sources: VULHUB: VHN-1083 // BID: 88452 // JVNDB: JVNDB-1999-000075 // CNNVD: CNNVD-199912-156 // NVD: CVE-1999-1102

REFERENCES

url:	http://ciac.llnl.gov/ciac/bulletins/e-25.shtml	Trust: 2.8
url:	http://www.phreak.org/archives/security/8lgm/8lgm.lpr	Trust: 2.8
url:	http://www.aenigma.net/resources/maillist/bugtraq/1994/0091.htm	Trust: 2.0
url:	https://nvd.nist.gov/vuln/detail/cve-1999-1102	Trust: 0.8

sources: VULHUB: VHN-1083 // BID: 88452 // JVNDB: JVNDB-1999-000075 // CNNVD: CNNVD-199912-156 // NVD: CVE-1999-1102

CREDITS

Unknown

Trust: 0.3

sources: BID: 88452

SOURCES

db:	VULHUB	id:	VHN-1083
db:	BID	id:	88452
db:	JVNDB	id:	JVNDB-1999-000075
db:	CNNVD	id:	CNNVD-199912-156
db:	NVD	id:	CVE-1999-1102

LAST UPDATE DATE

2024-08-14T15:45:53.942000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-1083	date:	2008-09-05T00:00:00
db:	BID	id:	88452	date:	1999-12-31T00:00:00
db:	JVNDB	id:	JVNDB-1999-000075	date:	2024-05-13T09:03:00
db:	CNNVD	id:	CNNVD-199912-156	date:	2005-05-02T00:00:00
db:	NVD	id:	CVE-1999-1102	date:	2008-09-05T20:18:43.633

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-1083	date:	1999-12-31T00:00:00
db:	BID	id:	88452	date:	1999-12-31T00:00:00
db:	JVNDB	id:	JVNDB-1999-000075	date:	2024-05-13T00:00:00
db:	CNNVD	id:	CNNVD-199912-156	date:	1999-12-31T00:00:00
db:	NVD	id:	CVE-1999-1102	date:	1999-12-31T05:00:00