CVE-1999-1299
10.0
Vector
AV:N/AC:L/Au:N/C:C/I:C/A:C
Exploitability: 10.0 / Impact: 10.0
Source: NVD
Description
rcp on various Linux systems including Red Hat 4.0 allows a "nobody" user or other user with UID of 65535 to overwrite arbitrary files, since 65535 is interpreted as -1 by chown and other system calls, which causes the calls to fail to modify the ownership of the file.
Affected (2)
Products: Redhat: Linux · Slackware: Slackware Linux
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Version 4.0 | |
| Version 3.1 |
References (2)
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
Timeline
No history available yet.