Local Privilege Escalation in INN's inndstart Program by Caldera Systems
CVE-1999-0754

Currently unrated

Key Information:

Vendor: Isc
Status: Inn
Vendor: CVE Published:; 11 May 1999

What is CVE-1999-0754?

The inndstart program component of the InterNetNews (INN) package from Caldera Systems is susceptible to local privilege escalation. This vulnerability occurs when a local user specifies an alternate configuration file using the INNCONF environmental variable. Exploiting this flaw can allow attackers to gain elevated privileges on the system, facilitating unauthorized actions and potential compromise of security.

References

http://www.securityfocus.com/bid/255

vdb-entryx_refsource_BID

http://www.redhat.com/corp/support/errata/inn99_05_22.html

x_refsource_MISC

ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-1999-01...

vendor-advisoryx_refsource_CALDERA

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Nov 25, 1999
Vulnerability published
May 11, 1999

Isc

What is CVE-1999-0754?

References

Timeline