CVE - CVE-1999-1570

CVE-ID
CVE-1999-1570	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Buffer overflow in sar for OpenServer 5.0.5 allows local users to gain root privileges via a long -o parameter.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
BID:4089 URL:http://www.securityfocus.com/bid/4089 BUGTRAQ:19990909 19 SCO 5.0.5+Skunware98 buffer overflows URL:http://online.securityfocus.com/archive/1/27074 CALDERA:CSSA-2002-SCO.17 URL:~~ftp://stage.caldera.com/pub/security/openserver/CSSA-2002-SCO.17/CSSA-2002-SCO.17.txt~~ (Obsolete source - check if archived by the Wayback Machine) VULN-DEV:20020509 Sar -o exploitation process info. URL:http://marc.info/?l=vuln-dev&m=102098949103708&w=2 XF:openserver-sar-bo(8989) URL:~~http://www.iss.net/security_center/static/8989.php~~ (Obsolete source - check if archived by the Wayback Machine)
Assigning CNA
MITRE Corporation
Date Record Created
20020611	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Proposed (20020830)
Votes (Legacy)
ACCEPT(4) Armstrong, Cole, Frech, Green NOOP(3) Cox, Foat, Wall REVIEWING(1) Christey
Comments (Legacy)
Frech> It seems as if the BID-4089 assignment on this CAN name may be in error. BID-4089 (Multiple Vendor SNMP Request Handling Vulnerabilities) is already assigned to CVE-2002-0013. Also, this CVE issue seems to have nothing to do with SNMP. Christey> Agreed, this is the wrong BID. SecurityFocus has assigned BID:643 to CVE-1999-1570, but there's a bit of an inconsistency. BID:643 alludes to Bugtraq posts in 1999 from Brock Tellier, mentioning overflows in sar via BOTH the -o and -f parameters. However, they also link this issue to SCO advisory 99.17, although the advisory itself is too vague to really know what vulns they fixed. And now the link to a potentially more detailed document (sse037.ltr) is broken. So we don't have any independent reason for knowing whether SCO 99.17 (a) addresses any "sar" vulnerabilities, and (b) even if it does, whether it addresses both the -o and -f arguments originally claimed by Tellier. Finally, it seems rather curious that CSSA-2002-SCO.17 talks about a -o overflow but does not mention -f. Sounds like an email to the security people at SCO is in order... OK. Having consulted with SCO (who responded quickly), I looked even further into this issue. There is now sufficient evidence that the -f overflow was fixed in 1999. This means that a separate candidate should be created (by CD:SF-LOC), so the -f overflow is now covered by CVE-1999-1571. Need to DELREF BID:4089 CHANGE> [Frech changed vote from NOOP to ACCEPT] CHANGE> [Christey changed vote from NOOP to REVIEWING]
Proposed (Legacy)
20020830
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)