CVE

Id
316  
CVE No.
CVE-1999-0317  
Status
Candidate  
Description
Buffer overflow in Linux su command gives root access to local users.  
Phase
Modified (19991216-01)  
Votes
ACCEPT(3) Frech, Hill, Northcutt | NOOP(1) Prosser | RECAST(1) Baker | REVIEWING(1) Christey  
Comments
Christey> DUPE CVE-1999-0845? | Also, ADDREF XF:unixware-su-username-bo | A report summary by Aleph One states that nobody was able to | confirm this problem on any Linux distribution. | Baker> If this is the same as the unixware, the n it is a dupe of 1999-0845. There is about a two and half month difference in the bugtraq reporting of these. | Sounds like the same bug however... | Christey> XF:su-bo no longer seems to exist. | How about XF:linux-subo(734) ? | http://xforce.iss.net/static/734.php | | BID:475 also seems to describe the same problem | (http://www.securityfocus.com/bid/475) in which case, | vsyslog is blamed in: | BUGTRAQ:19971220 Linux vsyslog() overflow | http://www.securityfocus.com/archive/1/8274  

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
671 316 CVE-1999-0317 BUGTRAQ:19990818 slackware-3.5 /bin/su buffer overflow  View

Related JVN