CVE-1999-1467

Vulnerability in rcp on SunOS 4.0.x allows remote attackers from trusted hosts to execute arbitrary commands as root, possibly related to the configuration of the nobody user.

CVSS v2.0 10.0 HIGH

10.0^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://www.cert.org/advisories/CA-1989-07.html	Patch Third Party Advisory US Government Resource
http://www.securityfocus.com/bid/5	Patch Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/3165
http://www.cert.org/advisories/CA-1989-07.html	Patch Third Party Advisory US Government Resource
http://www.securityfocus.com/bid/5	Patch Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/3165

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:sun:sunos:4.0:::::::*
	cpe:2.3:o:sun:sunos:4.0.1:::::::*
	cpe:2.3:o:sun:sunos:4.0.2:::::::*
	cpe:2.3:o:sun:sunos:4.0.3:::::::*
	cpe:2.3:o:sun:sunos:4.0.3c:::::::*

History

No history.

Information

Published : 1989-10-26 04:00

Updated : 2025-04-03 01:03

NVD link : CVE-1999-1467

Mitre link : CVE-1999-1467

CVE.ORG link : CVE-1999-1467

JSON object : View

Products Affected

sun

sunos

CWE

NVD-CWE-Other

{"id": "CVE-1999-1467", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": true, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "1989-10-26T04:00:00.000", "references": [{"url": "http://www.cert.org/advisories/CA-1989-07.html", "tags": ["Patch", "Third Party Advisory", "US Government Resource"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/5", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3165", "source": "cve@mitre.org"}, {"url": "http://www.cert.org/advisories/CA-1989-07.html", "tags": ["Patch", "Third Party Advisory", "US Government Resource"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/5", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3165", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Vulnerability in rcp on SunOS 4.0.x allows remote attackers from trusted hosts to execute arbitrary commands as root, possibly related to the configuration of the nobody user."}], "lastModified": "2025-04-03T01:03:51.193", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:sun:sunos:4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2839042D-7706-4059-B069-72E36297ECEB"}, {"criteria": "cpe:2.3:o:sun:sunos:4.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3791C6C1-2B30-4746-B4D5-A728914C3589"}, {"criteria": "cpe:2.3:o:sun:sunos:4.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1C25D2DE-7ED7-47E3-A49F-1F42B57500CD"}, {"criteria": "cpe:2.3:o:sun:sunos:4.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5FF99415-1F8D-4926-BB55-240B1F116800"}, {"criteria": "cpe:2.3:o:sun:sunos:4.0.3c:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "27C5561B-F8AE-4AD2-BD1C-E9089F315277"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}