TILLBAKA TILL DASHBOARD

CVE-1999-1193

Källa: cve@mitre.org

UNKNOWN
10 CVSS Score

EXPLOTATION STATUS & MITIGATIONS

EXPLOIT STATUS
NO KNOWN EXPLOIT
REMEDIATION
PATCH AVAILABLE

PÅVERKADE KLIENTER/MJUKVARA

Next

BESKRIVNING

The "me" user in NeXT NeXTstep 2.1 and earlier has wheel group privileges, which could allow the me user to use the su command to become root.

TEKNISK DATA

{
  "id": "CVE-1999-1193",
  "sourceIdentifier": "cve@mitre.org",
  "published": "1991-05-14T04:00:00.000",
  "lastModified": "2025-04-03T01:03:51.193",
  "vulnStatus": "Deferred",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The \"me\" user in NeXT NeXTstep 2.1 and earlier has wheel group privileges, which could allow the me user to use the su command to become root."
    }
  ],
  "metrics": {
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "baseScore": 10,
          "accessVector": "NETWORK",
          "accessComplexity": "LOW",
          "authentication": "NONE",
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "availabilityImpact": "COMPLETE"
        },
        "baseSeverity": "HIGH",
        "exploitabilityScore": 10,
        "impactScore": 10,
        "acInsufInfo": false,
        "obtainAllPrivilege": true,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": false
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:next:next:*:*:*:*:*:*:*:*",
              "versionEndIncluding": "2.1",
              "matchCriteriaId": "ACE9BEA7-5F68-4861-B7F8-7C9A8889DBAB"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "http://www.cert.org/advisories/CA-1991-06.html",
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Third Party Advisory",
        "US Government Resource"
      ]
    },
    {
      "url": "http://www.securityfocus.com/bid/20",
      "source": "cve@mitre.org"
    },
    {
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/581",
      "source": "cve@mitre.org"
    },
    {
      "url": "http://www.cert.org/advisories/CA-1991-06.html",
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory",
        "US Government Resource"
      ]
    },
    {
      "url": "http://www.securityfocus.com/bid/20",
      "source": "af854a3a-2127-422b-91ae-364da2661108"
    },
    {
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/581",
      "source": "af854a3a-2127-422b-91ae-364da2661108"
    }
  ]
}

Status

Vuln Status:Deferred
Publicerad:5/14/1991
Uppdaterad:4/3/2025

Vector String

AV:N/AC:L/Au:N/C:C/I:C/A:C
ÖPPNA I NVD