CVE-1999-0689

Published: Sep 13, 1999Modified: Apr 16, 2026

7.2

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 3.9 / Impact: 10.0

Source: NVD

Description

The CDE dtspcd daemon allows local users to execute arbitrary commands via a symlink attack.

Affected (15)

Products: Cde: Cde · Sun: Solaris, Sunos

1 product

2 products

Configuration A

7 vulnerable

Vulnerable Software	Affected Versions
Cde Cde	Version 1.0.1
Cde Cde	Version 1.0.2
Cde Cde	Version 1.1
Cde Cde	Version 1.2
Cde Cde	Version 2.0
Cde Cde	Version 2.120
Cde Cde	Version 2.1

Configuration B

8 vulnerable

Vulnerable Software	Affected Versions
Sun Solaris	Version 2.5.1
Sun Solaris	Version 2.5
Sun Solaris	Version 2.6
Sun Solaris	Version 7.0
Sun Sunos	All versions
Sun Sunos	Version 5.5.1
Sun Sunos	Version 5.5
Sun Sunos	Version 5.7

References (8)

http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/192

Source: cve@mitre.org

http://www.securityfocus.com/bid/636

Source: cve@mitre.org

http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9909-103

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1880

Source: cve@mitre.org

http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/192

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/636

Source: af854a3a-2127-422b-91ae-364da2661108

http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9909-103

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1880

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.