PT-1990-1006 · Next · Next
Published
1990-10-03
·
Updated
2025-04-03
·
CVE-1999-1391
CVSS v2.0
7.2
High
| Vector | AV:L/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
NeXT versions 1.0a and 1.0
Description
The issue allows local users to gain privileges through a combination of the npd program and weak directory permissions, specifically when printers are publicly accessible.
Recommendations
For NeXT versions 1.0a and 1.0, restrict access to publicly accessible printers and adjust directory permissions to prevent exploitation.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Next