NextCVEs & Vulnerabilities

10 CVEs affecting Next products, tracked from the National Vulnerability Database, with CVSS/EPSS scores and exploitation status.

Most Affected Products

nextstep 9next 7nex 1openstep 1
CVE-2006-4392HIGHpoc

The Mach kernel, as used in operating systems including (1) Mac OS X 10.4 through 10.4.7 and (2) OpenStep before 4.2, allows local users to gain privileges via a parent process that forces an exception in a setuid child and uses Mach exception ports to modify the child's thread context and task address space in a way that causes the child to call a parent-controlled function.

3 Oct 2006
7.2
CVSS
CVE-1999-0956HIGH

The NeXT NetInfo _writers property allows local users to gain root privileges or conduct a denial of service.

19 Sep 1997
7.2
CVSS
CVE-1999-0046CRITICALpoc

Buffer overflow of rlogin program using TERM environmental variable.

6 Feb 1997
10.0
CVSS
CVE-1999-0032HIGHpoc

Buffer overflow in lpr, as used in BSD-based systems including Linux, allows local users to execute arbitrary code as root via a long -C (classification) command line option.

25 Oct 1996
7.2
CVSS
CVE-1999-0078LOW

pcnfsd (aka rpc.pcnfsd) allows local users to change file permissions, or execute arbitrary commands through arguments in the RPC call.

18 Apr 1996
1.9
CVSS
CVE-1999-1468MEDIUM

rdist in various UNIX systems uses popen to execute sendmail, which allows local users to gain root privileges by modifying the IFS (Internal Field Separator) variable.

22 Oct 1991
6.2
CVSS
CVE-1999-1193CRITICAL

The "me" user in NeXT NeXTstep 2.1 and earlier has wheel group privileges, which could allow the me user to use the su command to become root.

14 May 1991
10.0
CVSS
CVE-1999-1198HIGH

BuildDisk program on NeXT systems before 2.0 does not prompt users for the root password, which allows local users to gain root privileges.

3 Oct 1990
7.2
CVSS
CVE-1999-1391HIGH

Vulnerability in NeXT 1.0a and 1.0 with publicly accessible printers allows local users to gain privileges via a combination of the npd program and weak directory permissions.

3 Oct 1990
7.2
CVSS
CVE-1999-1392HIGH

Vulnerability in restore0.9 installation script in NeXT 1.0a and 1.0 allows local users to gain root privileges.

3 Oct 1990
7.2
CVSS
← PrevPage 1 / 1Next →