CVE-1999-0298 Information

Description

ypbind with -ypset and -ypsetme options activated in Linux Slackware and SunOS allows local and remote attackers to overwrite files via a .. (dot dot) attack.

Reference

http://www.nai.com/nai_labs/asp_set/advisory/06_ypbindsetme_adv.asp