Buffer overflow in xlock program allows local users to execute commands as root.

Metrics

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:L/AC:L/Au:N/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Affected Vendors & Products

Vendors Products
Bsdi
  • Bsd Os
Data General
  • Dg Ux
Debian
  • Debian Linux
Hp
  • Hp-ux
Ibm
  • Aix
Sgi
  • Irix
Sun
  • Solaris
  • Sunos

Configuration 1 [-]

OR cpe:2.3:a:data_general:dg_ux:1.0:*:*:*:*:*:*:*
cpe:2.3:a:data_general:dg_ux:2.0:*:*:*:*:*:*:*
cpe:2.3:a:data_general:dg_ux:3.0:*:*:*:*:*:*:*
cpe:2.3:a:data_general:dg_ux:4.0:*:*:*:*:*:*:*
cpe:2.3:a:data_general:dg_ux:5.0:*:*:*:*:*:*:*
cpe:2.3:a:data_general:dg_ux:6.0:*:*:*:*:*:*:*
cpe:2.3:a:data_general:dg_ux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:5.0:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:5.0.1:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:5.1:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:5.1.1:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:5.2:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:5.3:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:5.3:*:xfs:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.0:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.0.1:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.0.1:*:xfs:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.1:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.3:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:6.4:*:*:*:*:*:*:*

Configuration 2 [-]

OR cpe:2.3:o:bsdi:bsd_os:2.1:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:0.93:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:1.1:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:1.2:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:1.3:*:*:*:*:*:*:*
cpe:2.3:o:hp:hp-ux:10.00:*:*:*:*:*:*:*
cpe:2.3:o:hp:hp-ux:10.01:*:*:*:*:*:*:*
cpe:2.3:o:hp:hp-ux:10.08:*:*:*:*:*:*:*
cpe:2.3:o:hp:hp-ux:10.10:*:*:*:*:*:*:*
cpe:2.3:o:hp:hp-ux:10.16:*:*:*:*:*:*:*
cpe:2.3:o:hp:hp-ux:10.20:*:*:*:*:*:*:*
cpe:2.3:o:hp:hp-ux:10.24:*:*:*:*:*:*:*
cpe:2.3:o:hp:hp-ux:10.30:*:*:*:*:*:*:*
cpe:2.3:o:hp:hp-ux:10.34:*:*:*:*:*:*:*
cpe:2.3:o:ibm:aix:3.2:*:*:*:*:*:*:*
cpe:2.3:o:ibm:aix:4.1:*:*:*:*:*:*:*
cpe:2.3:o:ibm:aix:4.2:*:*:*:*:*:*:*
cpe:2.3:o:sun:solaris:2.4:*:x86:*:*:*:*:*
cpe:2.3:o:sun:solaris:2.5:*:x86:*:*:*:*:*
cpe:2.3:o:sun:solaris:2.5.1:*:ppc:*:*:*:*:*
cpe:2.3:o:sun:solaris:2.5.1:*:x86:*:*:*:*:*
cpe:2.3:o:sun:sunos:5.3:*:*:*:*:*:*:*
cpe:2.3:o:sun:sunos:5.4:*:*:*:*:*:*:*
cpe:2.3:o:sun:sunos:5.5:*:*:*:*:*:*:*
cpe:2.3:o:sun:sunos:5.5.1:*:*:*:*:*:*:*

No data.

References
Link Providers
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0038 cve-icon cve-icon cve-icon
History

Thu, 12 Sep 2024 16:00:00 +0000

Type Values Removed Values Added
Weaknesses CWE-120
Metrics cvssV3_1

{'score': 8.4, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}
cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 1999-09-29T04:00:00

Updated: 2024-09-12T14:37:48.860Z

Reserved: 1999-06-07T00:00:00

Link: CVE-1999-0038

cve-icon Vulnrichment

Updated: 2024-08-01T16:27:57.690Z

cve-icon NVD

Status : Modified

Published: 1997-04-26T04:00:00.000

Modified: 2024-09-12T15:35:31.693

Link: CVE-1999-0038

cve-icon Redhat

No data.