CVE-1999-0298

Published: Feb 5, 1997Modified: Apr 16, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

ypbind with -ypset and -ypsetme options activated in Linux Slackware and SunOS allows local and remote attackers to overwrite files via a .. (dot dot) attack.

Affected (5)

Products: Slackware: Slackware Linux · Sun: Sunos

1 product

1 product

Configuration A

5 vulnerable

Vulnerable Software	Affected Versions
Slackware Slackware Linux	Version 2.1
Slackware Slackware Linux	Version 2.2
Slackware Slackware Linux	Version 2.3
Sun Sunos	Version 4.1.3
Sun Sunos	Version 4.1.4

References (2)

http://www.nai.com/nai_labs/asp_set/advisory/06_ypbindsetme_adv.asp

Source: cve@mitre.org

http://www.nai.com/nai_labs/asp_set/advisory/06_ypbindsetme_adv.asp

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.