NeXT NeXTstep 1.0/1.0a /usr/etc/restore0.9 privileges management

entryeditHistoryDiffjsonxmlCTI

A vulnerability was found in NeXT NeXTstep 1.0/1.0a and classified as critical. Affected by this issue is an unknown function of the file /usr/etc/restore0.9. Upgrading to version 2.0 eliminates this vulnerability.

Field06/16/2014 03:30 PM04/03/2019 11:26 AM
vendorNeXTNeXT
nameNeXTstepNeXTstep
version1.0/1.0a1.0/1.0a
file/usr/etc/restore0.9/usr/etc/restore0.9
risk11
historic00
cvss2_vuldb_basescore7.27.2
cvss2_vuldb_tempscore6.36.3
cvss2_vuldb_avLL
cvss2_vuldb_acLL
cvss2_vuldb_auNN
cvss2_vuldb_ciCC
cvss2_vuldb_iiCC
cvss2_vuldb_aiCC
cvss3_meta_basescore8.48.4
cvss3_meta_tempscore8.08.0
cvss3_vuldb_basescore8.48.4
cvss3_vuldb_tempscore8.08.0
date654912000 (10/03/1990)654912000 (10/03/1990)
urlhttp://www.cert.org/advisories/CA-1990-06.htmlhttp://www.cert.org/advisories/CA-1990-06.html
price_0day$0-$5k$0-$5k
nameUpgradeUpgrade
upgrade_version2.02.0
cveCVE-1999-1392CVE-1999-1392
seealso13620 1362113620 13621
cvss3_vuldb_uiNN
locationWebsiteWebsite
cvss2_vuldb_eNDND
cvss2_vuldb_rlOFOF
cvss2_vuldb_rcNDND
cvss3_vuldb_eXX
cvss3_vuldb_rlOO
cvss3_vuldb_rcXX
cvss3_vuldb_avLL
cvss3_vuldb_acLL
cvss3_vuldb_prNN
cvss3_vuldb_sUU
cvss3_vuldb_cHH
cvss3_vuldb_iHH
cvss3_vuldb_aHH
cvss2_nvd_avL
cvss2_nvd_acL
cvss2_nvd_auN
cvss2_nvd_ciC
cvss2_nvd_iiC
cvss2_nvd_aiC
cve_nvd_published654912000
cve_nvd_summaryvulnerability in restore0.9 installation script in next 1.0a and 1.0 allows local users to gain root privileges.
securityfocus9
securityfocus_date654825600 (10/02/1990)
securityfocus_classUnknown
securityfocus_titleNeXTstep /usr/etc/restore0.9 suid shell script Vulnerability
cwe0269 (privilege escalation)

Want to stay up to date on a daily basis?

Enable the mail alert feature now!