CVE-1999-0192

Buffer overflow in telnet daemon tgetent routing allows remote attackers to gain root access via the TERMCAP environmental variable.

CVSS v2.0 10.0 HIGH

10.0^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0192
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0192

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:redhat:linux:4.0:::::::*
	cpe:2.3:o:redhat:linux:4.1:::::::*
	cpe:2.3:o:redhat:linux:4.2:::::::*
	cpe:2.3:o:redhat:linux:5.0:::::::*
	cpe:2.3:o:redhat:linux:5.1:::::::*
	cpe:2.3:o:redhat:linux:5.2::i386:::::
	cpe:2.3:o:redhat:linux:6.0::i386:::::
	cpe:2.3:o:slackware:slackware_linux:3.2:::::::*
	cpe:2.3:o:slackware:slackware_linux:3.3:::::::*
	cpe:2.3:o:slackware:slackware_linux:3.4:::::::*
	cpe:2.3:o:slackware:slackware_linux:3.5:::::::*
	cpe:2.3:o:slackware:slackware_linux:3.6:::::::*
	cpe:2.3:o:slackware:slackware_linux:3.9:::::::*
	cpe:2.3:o:slackware:slackware_linux:4.0:::::::*

History

20 Nov 2024, 23:28

Type	Values Removed	Values Added
References	~~() https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0192 -~~	() https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0192 -

17 Aug 2022, 07:15

Type	Values Removed	Values Added
References		(MISC) https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0192 -

Information

Published : 1997-10-18 04:00

Updated : 2024-11-20 23:28

NVD link : CVE-1999-0192

Mitre link : CVE-1999-0192

CVE.ORG link : CVE-1999-0192

JSON object : View

Products Affected

redhat

linux

slackware

slackware_linux

CWE

NVD-CWE-Other

{"id": "CVE-1999-0192", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": true, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "1997-10-18T04:00:00.000", "references": [{"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0192", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0192", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Buffer overflow in telnet daemon tgetent routing allows remote attackers to gain root access via the TERMCAP environmental variable."}], "lastModified": "2024-11-20T23:28:05.617", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:redhat:linux:4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C9092D88-585D-4A0C-B181-E8D93563C74B"}, {"criteria": "cpe:2.3:o:redhat:linux:4.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D8211154-6685-4FF0-B3ED-43A5E5763A10"}, {"criteria": "cpe:2.3:o:redhat:linux:4.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F299301C-6BFC-436C-9CFD-2E291D3702AE"}, {"criteria": "cpe:2.3:o:redhat:linux:5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4BF54738-3C44-4FD4-AA9C-CAB2E86B1DC1"}, {"criteria": "cpe:2.3:o:redhat:linux:5.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4EF44364-0F57-4B74-81B0-501EA6B58501"}, {"criteria": "cpe:2.3:o:redhat:linux:5.2:*:i386:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "363AB7DB-A8BA-4D58-97C4-1DF1F0F43E07"}, {"criteria": "cpe:2.3:o:redhat:linux:6.0:*:i386:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "89F65C9D-BD68-4A86-BFDC-E7CE76F13948"}, {"criteria": "cpe:2.3:o:slackware:slackware_linux:3.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "852B55FE-8180-4357-B717-399C16954C6F"}, {"criteria": "cpe:2.3:o:slackware:slackware_linux:3.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "06F2131E-F9F2-4E65-B95C-B52DB25C69F5"}, {"criteria": "cpe:2.3:o:slackware:slackware_linux:3.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E6732144-10D4-4114-A7DA-32157EE3EF38"}, {"criteria": "cpe:2.3:o:slackware:slackware_linux:3.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "125918E7-53BB-407A-8D95-5D95CDF39A88"}, {"criteria": "cpe:2.3:o:slackware:slackware_linux:3.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CE0BBA4F-C61A-4A8E-A7E2-CE0DF76DF592"}, {"criteria": "cpe:2.3:o:slackware:slackware_linux:3.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "15CB96AA-7CC1-4F01-8E9A-F85CD851594A"}, {"criteria": "cpe:2.3:o:slackware:slackware_linux:4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CC3B1DD9-10B5-40FE-AE56-D068C41653DE"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}