CVE-1999-1530 - OpenCVE

cgiwrap as used on Cobalt RaQ 2.0 and RaQ 3i does not properly identify the user for running certain scripts, which allows a malicious site administrator to view or modify data located at another virtual site on the same system.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact None

AV:L/AC:L/Au:N/C:P/I:P/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Sun	Cobalt Raq 2 Cobalt Raq 3i

Configuration 1 [-]

OR	cpe:2.3:h:sun:cobalt_raq_2::::::::
	cpe:2.3:h:sun:cobalt_raq_3i::::::::

No data.

References

Link	Providers
http://marc.info/?l=bugtraq&m=94209954200450&w=2
http://marc.info/?l=bugtraq&m=94225629200045&w=2
http://www.iss.net/security_center/static/7764.php
http://www.osvdb.org/35
http://www.securityfocus.com/bid/777

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2002-03-09T05:00:00

Updated: 2024-08-01T17:18:07.507Z

Reserved: 2001-08-31T00:00:00

Link: CVE-1999-1530

Vulnrichment

No data.

NVD

Status : Modified

Published: 1999-11-08T05:00:00.000

Modified: 2016-10-18T02:05:31.580

Link: CVE-1999-1530

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "1999-11-08T00:00:00", "descriptions": [{"lang": "en", "value": "cgiwrap as used on Cobalt RaQ 2.0 and RaQ 3i does not properly identify the user for running certain scripts, which allows a malicious site administrator to view or modify data located at another virtual site on the same system."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2002-02-18T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "777", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/777"}, {"name": "cobalt-cgiwrap-incorrect-permissions(7764)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "http://www.iss.net/security_center/static/7764.php"}, {"name": "35", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/35"}, {"name": "19991109 [Cobalt] Security Advisory - cgiwrap", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://marc.info/?l=bugtraq&m=94225629200045&w=2"}, {"name": "19991108 Security flaw in Cobalt RaQ2 cgiwrap", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://marc.info/?l=bugtraq&m=94209954200450&w=2"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-1999-1530", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "cgiwrap as used on Cobalt RaQ 2.0 and RaQ 3i does not properly identify the user for running certain scripts, which allows a malicious site administrator to view or modify data located at another virtual site on the same system."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "777", "refsource": "BID", "url": "http://www.securityfocus.com/bid/777"}, {"name": "cobalt-cgiwrap-incorrect-permissions(7764)", "refsource": "XF", "url": "http://www.iss.net/security_center/static/7764.php"}, {"name": "35", "refsource": "OSVDB", "url": "http://www.osvdb.org/35"}, {"name": "19991109 [Cobalt] Security Advisory - cgiwrap", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq&m=94225629200045&w=2"}, {"name": "19991108 Security flaw in Cobalt RaQ2 cgiwrap", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq&m=94209954200450&w=2"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T17:18:07.507Z"}, "title": "CVE Program Container", "references": [{"name": "777", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/777"}, {"name": "cobalt-cgiwrap-incorrect-permissions(7764)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "http://www.iss.net/security_center/static/7764.php"}, {"name": "35", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/35"}, {"name": "19991109 [Cobalt] Security Advisory - cgiwrap", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=94225629200045&w=2"}, {"name": "19991108 Security flaw in Cobalt RaQ2 cgiwrap", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=94209954200450&w=2"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-1999-1530", "datePublished": "2002-03-09T05:00:00", "dateReserved": "2001-08-31T00:00:00", "dateUpdated": "2024-08-01T17:18:07.507Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}