3 results (0.004 seconds)

CVSS: 6.2EPSS: 0%CPEs: 15EXPL: 0

rdist in various UNIX systems uses popen to execute sendmail, which allows local users to gain root privileges by modifying the IFS (Internal Field Separator) variable. • http://www.alw.nih.gov/Security/8lgm/8lgm-Advisory-01.html http://www.cert.org/advisories/CA-91.20.rdist.vulnerability http://www.iss.net/security_center/static/7160.php http://www.osvdb.org/8106 http://www.securityfocus.com/bid/31 •

CVSS: 10.0EPSS: 2%CPEs: 1EXPL: 0

The "me" user in NeXT NeXTstep 2.1 and earlier has wheel group privileges, which could allow the me user to use the su command to become root. • http://www.cert.org/advisories/CA-1991-06.html http://www.securityfocus.com/bid/20 https://exchange.xforce.ibmcloud.com/vulnerabilities/581 •

CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0

BuildDisk program on NeXT systems before 2.0 does not prompt users for the root password, which allows local users to gain root privileges. • http://ciac.llnl.gov/ciac/bulletins/b-01.shtml http://www.cert.org/advisories/CA-1990-06.html http://www.iss.net/security_center/static/7141.php http://www.securityfocus.com/bid/11 •