Executive Summary

Informations
Name CVE-1999-0164 First vendor Publication 1995-08-29
Vendor Cve Last vendor Modification 2008-09-09

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:H/Au:N/C:C/I:C/A:C)
Cvss Base Score 6.2 Attack Range Local
Cvss Impact Score 10 Attack Complexity High
Cvss Expoit Score 1.9 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

A race condition in the Solaris ps command allows an attacker to overwrite critical files.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0164

CPE : Common Platform Enumeration

TypeDescriptionCount
Os 3

Open Source Vulnerability Database (OSVDB)

Id Description
8346 Solaris ps Command Symlink Arbitrary File Overwrite

The ps program in Sun Solaris contains a flaw that may allow a malicious user to overwrite arbitrary files. The issue is triggered when the program creates the 'ps_data' file with root permission in the /tmp directory, which is world-writeable. It is possible that the flaw may allow a malicious user to create a symlink from a malicious file, which could be overwritten when the application is executed resulting in a loss of integrity.

Sources (Detail)

Source Url
OSVDB http://www.osvdb.org/8346

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
Date Informations
2021-05-04 12:00:52
  • Multiple Updates
2021-04-22 01:01:06
  • Multiple Updates
2020-05-23 00:14:05
  • Multiple Updates
2016-06-28 14:49:01
  • Multiple Updates
2013-05-11 11:55:47
  • Multiple Updates