Описание
The getdbm procedure in ypxfrd allows local users to read arbitrary files, and remote attackers to read databases outside /var/yp, via a directory traversal and symlink attack on the domain and map arguments.
Ссылки
- Third Party AdvisoryUS Government Resource
- Third Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:o:caldera:openlinux:2.2:*:*:*:*:*:*:*
cpe:2.3:o:caldera:openlinux:2.3:*:*:*:*:*:*:*
cpe:2.3:o:caldera:openlinux:2.4:*:*:*:*:*:*:*
cpe:2.3:o:sco:openserver:5.0.5:*:*:*:*:*:*:*
cpe:2.3:o:sco:openserver:5.0.6:*:*:*:*:*:*:*
cpe:2.3:o:sco:openserver:5.0.6a:*:*:*:*:*:*:*
cpe:2.3:o:sun:solaris:9.0:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*
cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*
EPSS
Процентиль: 84%
0.02144
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
больше 3 лет назад
The getdbm procedure in ypxfrd allows local users to read arbitrary files, and remote attackers to read databases outside /var/yp, via a directory traversal and symlink attack on the domain and map arguments.
EPSS
Процентиль: 84%
0.02144
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other