CVE-1999-1382 Information

Description

NetWare NFS mode 1 and 2 implements the \Read Only\ flag in Unix by changing the ownership of a file to root which allows local users to gain root privileges by creating a setuid program and setting it to \Read Only\ which NetWare-NFS changes to a setuid root program.

Reference

http://marc.info/?l=bugtraq&m=88427711321769&w=2 http://marc.info/?l=bugtraq&m=90295697702474&w=2 http://support.novell.com/cgi-bin/search/tidfinder.cgi?2940551 http://www.iss.net/security_center/static/7246.php