Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
10
CVSSv2

CVE-1999-0046

Published: 06/02/1997 Updated: 09/02/2024
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
VMScore: 1000
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Subscribe to Bsdi

Vulnerability Summary

Buffer overflow of rlogin program using TERM environmental variable.

Vulnerable Product Search on Vulmon Subscribe to Product

bsdi bsd os 1.1

sun sunos 5.3

hp hp-ux 10.30

oracle solaris -

debian debian linux 0.93

sun sunos 4.1.4

hp hp-ux 10.01

hp hp-ux 10.00

ibm aix 4.1.4

ibm aix 4.1.5

freebsd freebsd 2.0.5

bsdi bsd os 2.0

freebsd freebsd 1.1.5.1

hp hp-ux 10.34

sun sunos 5.5

netbsd netbsd 1.0

bsdi bsd os 2.1

hp hp-ux 10.24

oracle solaris 8

ibm aix 4.1.1

netbsd netbsd 1.1

freebsd freebsd 2.1.0

sun sunos 5.4

hp hp-ux 10.08

sun sunos 5.5.1

ibm aix 4.1.2

hp hp-ux 10.20

sun sunos 4.1.3u1

bsdi bsd os 2.0.1

ibm aix 4.1

hp hp-ux 10.09

ibm aix 4.1.3

freebsd freebsd 2.1.5

ibm aix 3.2

hp hp-ux 10.10

freebsd freebsd 2.0

hp hp-ux 10.16

oracle solaris 7.0

oracle solaris 2.6

oracle solaris 2.5.1

digital ultrix -

next nextstep -

Exploits

Exploit DB: BSD/OS 2.1 / DG/UX 4.0 / Debian 0.93 / Digital UNIX 4.0 B / FreeBSD 2.1.5 / HP-UX 10.34 / IBM AIX 4.1.5 / NetBSD 1.0/1.1 / NeXTstep 4.0 / SGI IRIX 6.3 / SunOS 4.1.4 - 'rlogin' Local Privilege Escalation
/* source: wwwsecurityfocuscom/bid/242/info The SUID rlogin program is used to establish remote sessions A buffer overflow condition has been found in the rlogin program that may allow an unauthorized user to gain root access The overflow in particular is in the rlogin code that handles the TERM enviroment variable Similar bugs have be ...

Github Repositories

https://github.com/huhu1235/pytm

pytm: A Pythonic framework for threat modeling Introduction Traditional threat modeling too often comes late to the party, or sometimes not at all In addition, creating manual data flows and reports can be extremely time-consuming The goal of pytm is to shift threat modeling to the left, making threat modeling more automated and developer-centric Features Based on your inpu

https://github.com/izar/pytm

A Pythonic framework for threat modeling

pytm: A Pythonic framework for threat modeling Introduction Traditional threat modeling too often comes late to the party, or sometimes not at all In addition, creating manual data flows and reports can be extremely time-consuming The goal of pytm is to shift threat modeling to the left, making threat modeling more automated and developer-centric Features Based on your inpu

https://github.com/croates23/pytm-hardware

pytm: A Pythonic framework for threat modeling Introduction Traditional threat modeling too often comes late to the party, or sometimes not at all In addition, creating manual data flows and reports can be extremely time-consuming The goal of pytm is to shift threat modeling to the left, making threat modeling more automated and developer-centric Features Based on your inpu

References

CWE-120https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0046https://nvd.nist.govhttps://www.exploit-db.com/exploits/19203/https://github.com/izar/pytm
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4654CVE-2023-49606encryptionNULL pointer dereferenceCVE-2024-4439CVE-2024-4649race conditionCVE-2024-27202CVE-2024-34566
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook