CVE-1999-0298 - CVE Details

Description

ypbind with -ypset and -ypsetme options activated in Linux Slackware and SunOS allows local and remote attackers to overwrite files via a .. (dot dot) attack.

Severity

Overall Severity: N/A

CVSS Metrics

Type	Score	Severity	Vector

Affected Products

slackware - slackware_linux

Affected Versions:

slackware - slackware_linux

Affected Versions:

slackware - slackware_linux

Affected Versions:

sun - sunos

Affected Versions:

4.1.3

sun - sunos

Affected Versions:

4.1.4

References

http://www.nai.com/nai_labs/asp_set/advisory/06_ypbindsetme_adv.asp
http://www.nai.com/nai_labs/asp_set/advisory/06_ypbindsetme_adv.asp