CVSS: 7.2EPSS: 0%CPEs: 28EXPL: 1CVE-1999-0023 – BSDI BSD/OS 2.1 / FreeBSD 2.1 / IBM AIX 4.2 / SGI IRIX 6.4 / Sun SunOS 4.1.3 - Buffer Overrun
https://notcve.org/view.php?id=CVE-1999-0023
Local user gains root privileges via buffer overflow in rdist, via lookup() function. • https://www.exploit-db.com/exploits/19106 https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0023 •
CVSS: 2.1EPSS: 0%CPEs: 12EXPL: 1CVE-1999-1572
https://notcve.org/view.php?id=CVE-1999-1572
cpio on FreeBSD 2.1.0, Debian GNU/Linux 3.0, and possibly other operating systems, uses a 0 umask when creating files using the -O (archive) or -F options, which creates the files with mode 0666 and allows local users to read or overwrite those files. • http://marc.info/?l=bugtraq&m=110763404701519&w=2 http://secunia.com/advisories/14357 http://secunia.com/advisories/17063 http://secunia.com/advisories/17532 http://support.avaya.com/elmodocs2/security/ASA-2005-212.pdf http://www.debian.org/security/2005/dsa-664 http://www.freebsd.org/cgi/query-pr.cgi?pr=bin/1391 http://www.mandriva.com/security/advisories?name=MDKSA-2005:032 http://www.redhat.com/support/errata/RHSA-2005-073.html http://www.redhat.com/support&# •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-1999-1301
https://notcve.org/view.php?id=CVE-1999-1301
A design flaw in the Z-Modem protocol allows the remote sender of a file to execute arbitrary programs on the client, as implemented in rz in the rzsz module of FreeBSD before 2.1.5, and possibly other programs. • ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/old/FreeBSD-SA-96:17.rzsz.asc http://ciac.llnl.gov/ciac/bulletins/g-31.shtml http://www.iss.net/security_center/static/7540.php •
CVSS: 7.8EPSS: 0%CPEs: 39EXPL: 0CVE-1999-0022
https://notcve.org/view.php?id=CVE-1999-0022
Local user gains root privileges via buffer overflow in rdist, via expstr() function. • http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/179 • CWE-125: Out-of-bounds Read •
CVSS: 7.2EPSS: 0%CPEs: 16EXPL: 0CVE-1999-0138
https://notcve.org/view.php?id=CVE-1999-0138
The suidperl and sperl program do not give up root privileges when changing UIDs back to the original users, allowing root access. • https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0138 •