CVE-1999-1434
Severity:
Pending analysis
Type:
Unavailable / Other
Publication date:
13/07/1998
Last modified:
18/10/2016
Description
login in Slackware Linux 3.2 through 3.5 does not properly check for an error when the /etc/group file is missing, which prevents it from dropping privileges, causing it to assign root privileges to any local user who logs on to the server.
Impact
Base Score 2.0
7.20
Severity 2.0
HIGH
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:o:slackware:slackware_linux:3.1:*:*:*:*:*:*:* | ||
cpe:2.3:o:slackware:slackware_linux:3.2:*:*:*:*:*:*:* | ||
cpe:2.3:o:slackware:slackware_linux:3.3:*:*:*:*:*:*:* | ||
cpe:2.3:o:slackware:slackware_linux:3.4:*:*:*:*:*:*:* | ||
cpe:2.3:o:slackware:slackware_linux:3.5:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page