CVE-1999-1138

Published: Sep 17, 1993Modified: Apr 16, 2026

10.0

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 10.0 / Impact: 10.0

Source: NVD

Description

SCO UNIX System V/386 Release 3.2, and other SCO products, installs the home directories (1) /tmp for the dos user, and (2) /usr/tmp for the asg user, which allows other users to gain access to those accounts since /tmp and /usr/tmp are world-writable.

Affected (9)

Products: Sco: Open Desktop, Open Desktop Lite, Openserver, Unix

4 products

Configuration A

9 vulnerable

Vulnerable Software	Affected Versions
Sco Open Desktop	Version 1.0
Sco Open Desktop	Version 2.0
Sco Open Desktop	Version 3.0
Sco Open Desktop Lite	Version 3.0
Sco Openserver	Version 3.0
Sco Unix	Version system_v386_3.2_operating_system
Sco Unix	Version system_v386_3.2_operating_system_2.0
Sco Unix	Version system_v386_3.2_operating_system_4.0
Sco Unix	Version system_v386_3.2_operating_system_4.x

References (4)

http://www.cert.org/advisories/CA-1993-13.html

Source: cve@mitre.org

US Government Resource

https://exchange.xforce.ibmcloud.com/vulnerabilities/546

Source: cve@mitre.org

http://www.cert.org/advisories/CA-1993-13.html

Source: af854a3a-2127-422b-91ae-364da2661108

US Government Resource

https://exchange.xforce.ibmcloud.com/vulnerabilities/546

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.