CVE-1999-1198

📅 14 April 2026 at 18:00 UTC📰 NVDView original source ↗

BuildDisk program on NeXT systems before 2.0 does not prompt users for the root password, which allows local users to gain root privileges.

🤖 AI BriefingAuto-generated threat analysis

🔍Threat Overview

A local privilege escalation vulnerability was discovered in the BuildDisk program on NeXT systems before version 2.0, allowing unauthorized users to gain root access without prompting for the root password.

⚙️Technical Details

CVEs

CVE-1999-1198

Affected Systems

NeXT systems

Attack Vectors

AV:L/AC:L/Au:N/C:C/I:C/A:C

💥Impact Assessment

Severity: h

Who Is at Risk

Users with local access to NeXT systems before version 2.0

🛡️Recommended Actions

1Update the BuildDisk program to version 2.0 or later

2Change default root password for affected systems

3Monitor system logs for suspicious activity

📦Affected Products

Next NextBuildDisk program on NeXT systems

🔐NVD Verified DataVERIFIED

CVE-1999-1198 ↗CVSS 7.2 — HIGH

Attack Vector

LOCAL

Complexity

LOW

Vector String

AV:L/AC:L/Au:N/C:C/I:C/A:C

Affected Products (CPE)

Next Next

Patches & References

🔧 http://ciac.llnl.gov/ciac/bulletins/b-01.shtml 🔧 http://www.cert.org/advisories/CA-1990-06.html 🔧 http://ciac.llnl.gov/ciac/bulletins/b-01.shtml 📋 http://ciac.llnl.gov/ciac/bulletins/b-01.shtml 📋 http://ciac.llnl.gov/ciac/bulletins/b-01.shtml

Read the full article

This is a curated summary. The complete article is available at NVD.

Read on NVD ↗

← Back to feed