CyberSec.Space Logo
Back to CVE Browser

CVE-1999-1405

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0380%
EPSS Percentile17.20th
PublishedFeb 17, 1999
Last ModifiedApr 16, 2026

Vulnerability Description

snap command in AIX before 4.3.2 creates the /tmp/ibmsupt directory with world-readable permissions and does not remove or clear the directory when snap -a is executed, which could allow local users to access the shadowed password file by creating /tmp/ibmsupt/general/passwd before root runs snap -a.

Affected Platforms (CPE)

πŸ’»
Ibm

Aix

= 3.2.5
πŸ’»
Ibm

Aix

= 4.1
πŸ’»
Ibm

Aix

= 4.1.2
πŸ’»
Ibm

Aix

= 4.1.3
πŸ’»
Ibm

Aix

= 4.1.4
πŸ’»
Ibm

Aix

= 4.1.5
πŸ’»
Ibm

Aix

= 4.2
πŸ’»
Ibm

Aix

= 4.2.1

References & Advisories

πŸ”— http://marc.info/?l=bugtraq&m=91936783009385&w=2
πŸ”— http://marc.info/?l=bugtraq&m=91954824614013&w=2
πŸ”— http://www.securityfocus.com/bid/375
πŸ”— http://marc.info/?l=bugtraq&m=91936783009385&w=2
πŸ”— http://marc.info/?l=bugtraq&m=91954824614013&w=2
πŸ”— http://www.securityfocus.com/bid/375

Related Vulnerabilities

CVE-1999-111910.0

FTP installation script anon.ftp in AIX insecurely configures anonymous FTP, which allows remote attackers to execute arbitrary co...

CVE-1999-010110.0

Buffer overflow in AIX and Solaris "gethostbyname" library call allows root access through corrupt DNS host names.

CVE-2002-074710.0

Buffer overflow in lsmcode in AIX 4.3.3.

CVE-1999-010010.0

Remote access in AIX innd 1.5.1, using control messages.