Entreprise d'experts en Sécurité Informatique : Audits et conseils en cybersécurité
Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com


CVE-1999-0298

Description

ypbind with -ypset and -ypsetme options activated in Linux Slackware and SunOS allows local and remote attackers to overwrite files via a .. (dot dot) attack.

POC

Reference

- http://www.nai.com/nai_labs/asp_set/advisory/06_ypbindsetme_adv.asp

Github

No PoCs found on GitHub currently.