CVE-1999-1288

Samba 1.9.18 inadvertently includes a prototype application, wsmbconf, which is installed with incorrect permissions including the setgid bit, which allows local users to read and write files and possibly gain privileges via bugs in the program.

Score4.6
Access VectorLOCAL
Access ComplexityLOW
AuthenticationNONE
Confidentiality ImpactPARTIAL
Integrity ImpactPARTIAL
Availability ImpactPARTIAL
Published1998-11-19 12:00:00.000-05
Last Modified2017-10-09 09:29:05.000-04

Vulnerable Software List

VendorProductVersions
Caldera Openlinux 1.0, 1.1, 1.2, 1.3
Redhat Linux
Samba Samba 1.9.18
Turbolinux Turbolinux

References

SourceLink
CALDERASA-1998.35
BUGTRAQ19981119 Vulnerability in Samba on RedHat, Caldera and PHT TurboLinux
XFsamba-wsmbconf(1406)