CVE Vulnerabilities

CVE-2002-1199

Published: Oct 28, 2002 | Modified: Oct 30, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

The getdbm procedure in ypxfrd allows local users to read arbitrary files, and remote attackers to read databases outside /var/yp, via a directory traversal and symlink attack on the domain and map arguments.

Affected Software

Name Vendor Start Version End Version
Openlinux Caldera 2.4 2.4
Openlinux Caldera 2.2 2.2
Sunos Sun 5.7 5.7
Sunos Sun 5.8 5.8
Openserver Sco 5.0.5 5.0.5
Solaris Sun 9.0 9.0
Openserver Sco 5.0.6a 5.0.6a
Openserver Sco 5.0.6 5.0.6
Openlinux Caldera 2.3 2.3

References