Vulnerability in Caldera Openlinux
CVE-2002-1199
The getdbm procedure in ypxfrd allows local users to read arbitrary files, and remote attackers to read databases outside /var/yp, via a directory traversal and symlink attack on the domain and map arguments.
EPSS: 0.022 (80.5th percentile) — read the EPSS interpretation.
Affected products
- Caldera Openlinux — versions 2.2, 2.3, 2.4
- Sco Openserver — versions 5.0.5, 5.0.6, 5.0.6a
- Sun Solaris — versions 9.0
- Sun Sunos — versions 5.7, 5.8
- N/a — versions n/a
References
- cve@mitre.org (vendor-advisory, x_refsource_SUNALERT)
- cve@mitre.org (mailing-list, x_refsource_BUGTRAQ)
- cve@mitre.org (vdb-entry, x_refsource_XF)
- cve@mitre.org (US Government Resource, x_refsource_CERT-VN, Third Party Advisory, third-party-advisory)
- cve@mitre.org (x_refsource_OVAL, signature, vdb-entry)
- cve@mitre.org (vdb-entry, x_refsource_BID)