CVE-1999-1193

Properties

Published:
13.05.1991
Updated:
12.10.2005
Patch available:
Severity:
High
CVSS vector:
(AV:L/AC:L/Au:NR/C:C/I:C/A:C/B:N) Approximated
Product:
NeXT: NeXT

Vulnerability description

The "me" user in NeXT NeXTstep 2.1 and earlier has wheel group privileges, which could allow the me user to use the su command to become root.

References:

CERT: http://www.cert.org/advisories/CA-1991-06.html
ISS X-Force: http://xforce.iss.net/static/581.php