AT&T TCP/IP 4.0 on SVR4 /usr/etc/rexecd privileges management

entryeditHistoryDiffjsonxmlCTI

A vulnerability was found in AT&T TCP and IP 4.0 on SVR4. It has been declared as very critical. This vulnerability affects some unknown processing of the file /usr/etc/rexecd. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Field06/16/2014 03:30 PM04/03/2019 12:01 PM
vendorAT&TAT&T
nameTCP/IPTCP/IP
version4.04.0
platformSVR4SVR4
file/usr/etc/rexecd/usr/etc/rexecd
notaffectedlistAT&T TCP/IP 3.2 AT&T SVR4 4.0AT&T TCP/IP 3.2 AT&T SVR4 4.0
risk22
cvss2_vuldb_basescore10.010.0
cvss2_vuldb_tempscore10.010.0
cvss2_vuldb_avNN
cvss2_vuldb_acLL
cvss2_vuldb_auNN
cvss2_vuldb_ciCC
cvss2_vuldb_iiCC
cvss2_vuldb_aiCC
cvss3_meta_basescore9.89.8
cvss3_meta_tempscore9.89.8
cvss3_vuldb_basescore9.89.8
cvss3_vuldb_tempscore9.89.8
date698976000 (02/25/1992)698976000 (02/25/1992)
urlhttp://www.cert.org/advisories/CA-1992-04.htmlhttp://www.cert.org/advisories/CA-1992-04.html
price_0day$0-$5k$0-$5k
cveCVE-1999-1059CVE-1999-1059
cvss3_vuldb_uiNN
locationWebsiteWebsite
cvss2_vuldb_eNDND
cvss2_vuldb_rlNDND
cvss2_vuldb_rcNDND
cvss3_vuldb_eXX
cvss3_vuldb_rlXX
cvss3_vuldb_rcXX
cvss3_vuldb_avNN
cvss3_vuldb_acLL
cvss3_vuldb_prNN
cvss3_vuldb_sUU
cvss3_vuldb_cHH
cvss3_vuldb_iHH
cvss3_vuldb_aHH
cvss2_nvd_avN
cvss2_nvd_acL
cvss2_nvd_auN
cvss2_nvd_ciC
cvss2_nvd_iiC
cvss2_nvd_aiC
cve_nvd_published698976000
cve_nvd_summaryvulnerability in rexec daemon (rexecd) in at&t tcp/ip 4.0 for various svr4 systems allows remote attackers to execute arbitrary commands.
securityfocus36
securityfocus_date698976000 (02/25/1992)
securityfocus_classUnknown
securityfocus_titleAT&T TCP/IP /usr/etc/rexecd Vulnerability
cwe0269 (privilege escalation)

Do you know our Splunk app?

Download it now for free!