Privilege Escalation in NFS Servers by a Major Vendor
CVE-1999-0084

Currently unrated

Key Information:

Vendor: Oracle
Status: Nfs
Vendor: CVE Published:; 1 May 1990

What is CVE-1999-0084?

Certain NFS servers are vulnerable to an exploit that allows users to create a writable kmem device using the mknod command. This can lead to unauthorized privilege escalation by setting the user ID (UID) to 0, effectively allowing malicious users to gain superuser privileges. It's essential for administrators to be aware of this security issue and apply necessary patches or configurations to mitigate the risk.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/78

vdb-entryx_refsource_XF

Timeline

Vulnerability Reserved
Jun 7, 1999
Vulnerability published
May 1, 1990

Oracle

What is CVE-1999-0084?

References

Timeline