Unrated severityNVD Advisory· Published Oct 28, 2002· Updated Apr 16, 2026
CVE-2002-1199
CVE-2002-1199
Description
The getdbm procedure in ypxfrd allows local users to read arbitrary files, and remote attackers to read databases outside /var/yp, via a directory traversal and symlink attack on the domain and map arguments.
Affected products
9cpe:2.3:o:caldera:openlinux:2.2:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:o:caldera:openlinux:2.2:*:*:*:*:*:*:*
- cpe:2.3:o:caldera:openlinux:2.3:*:*:*:*:*:*:*
- cpe:2.3:o:caldera:openlinux:2.4:*:*:*:*:*:*:*
cpe:2.3:o:sco:openserver:5.0.5:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:o:sco:openserver:5.0.5:*:*:*:*:*:*:*
- cpe:2.3:o:sco:openserver:5.0.6:*:*:*:*:*:*:*
- cpe:2.3:o:sco:openserver:5.0.6a:*:*:*:*:*:*:*
- cpe:2.3:o:sun:solaris:9.0:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*
- cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
7- www.kb.cert.org/vuls/id/538033nvdThird Party AdvisoryUS Government Resource
- ftp.caldera.com/pub/updates/OpenServer/CSSA-2002-SCO.40nvd
- marc.infonvd
- sunsolve.sun.com/pub-cgi/retrieve.plnvd
- www.iss.net/security_center/static/10329.phpnvd
- www.securityfocus.com/bid/5937nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2423nvd
News mentions
0No linked articles in our index yet.