fkie_nvd - fkie_cve-1999-0073

fkie_cve-1999-0073

Vulnerability from fkie_nvd

Published

1995-10-13 04:00

Modified

2025-04-03 01:03

Severity ?

Summary

Telnet allows a remote client to specify environment variables including LD_LIBRARY_PATH, allowing an attacker to bypass the normal system libraries and gain root access.

References

▶	URL	Tags
	cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0073
	af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0073

Impacted products

Vendor	Product	Version
sgi	irix	5.0
sgi	irix	5.0.1
sgi	irix	5.1
sgi	irix	5.1.1
sgi	irix	5.2
sgi	irix	5.3
sgi	irix	5.3
sgi	irix	6.0
sgi	irix	6.0.1
sgi	irix	6.0.1
sgi	irix	6.1
sgi	irix	6.2
sgi	irix	6.3
digital	osf_1	1.2
digital	osf_1	1.3
digital	osf_1	2.0
digital	osf_1	3.0
digital	osf_1	3.2
digital	unix	3.2g
digital	unix	4.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:sgi:irix:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D792E16B-A1AB-4BCE-9E6E-88C17D4F57CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "30F950B1-7D5F-4CA9-BBEF-E6DB1A28C156",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "333103D5-71B8-4DC1-90F7-15F2841955D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:5.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A889C10-0637-4133-AFBD-533C8397BE89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E292DA15-91BF-4957-9C0F-A69518538BED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "26144F94-63FD-4907-B548-09B68C2FC9B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:5.3:*:xfs:*:*:*:*:*",
              "matchCriteriaId": "92BF03B6-9CDC-4161-9C1C-3E73582C3D83",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "26309EFA-0991-46B6-9818-F0FBB902D5F5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6A81ED6-CE92-4C10-AA2B-AB9AF573D120",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.0.1:*:xfs:*:*:*:*:*",
              "matchCriteriaId": "D157E1C1-F82B-4FDF-9ADB-5571B75E7D6B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "966C1A13-8007-408D-96BE-0DA3BB6CA401",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0ECE564D-B4BB-4C05-88CC-CDC3F8E4E366",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2D59247-56FA-46B4-BB51-2DAE71AFC145",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:digital:osf_1:1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3A2DB71-12B8-4CB2-A4EA-7C82B586C23C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:digital:osf_1:1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B804A762-00CC-4F03-9E6D-31BB36E4159A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:digital:osf_1:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C78E0958-E499-4A8B-A897-885274A939A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:digital:osf_1:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCCBDA4E-85CE-4EE8-BE0B-11FA585AAF38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:digital:osf_1:3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "44C7E5F5-363A-4C3C-8A48-8EC55B32778F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:digital:unix:3.2g:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD4B2280-5114-4CBD-9B06-221BD9CE4229",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:digital:unix:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1E08495-C0C5-40A9-A8FF-834F5F6083B3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Telnet allows a remote client to specify environment variables including LD_LIBRARY_PATH, allowing an attacker to bypass the normal system libraries and gain root access."
    }
  ],
  "id": "CVE-1999-0073",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "1995-10-13T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0073"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0073"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-1999-0073 (GCVE-0-1999-0073)

Vulnerability from cvelistv5

Published

1999-09-29 04:00

Modified

2024-08-01 16:27

Severity ?

CWE

Summary

Telnet allows a remote client to specify environment variables including LD_LIBRARY_PATH, allowing an attacker to bypass the normal system libraries and gain root access.

References

►

URL

Tags

https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0073

x_refsource_MISC