Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-1999-0948Improper Restriction of Operations within the Bounds of a Memory Buffer in Irix

4 documents4 sources
Severity
7.2HIGHNVD
EPSS
0.4%
top 37.70%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
4
SGI IrixSUN SolarisSUN Sunos+1 more
Timeline
PublishedNov 2
Latest updateApr 30

Description

Buffer overflow in uum program for Canna input system allows local users to gain root privileges.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages4 packages

NVDsgi/irix5 versions+4
NVDsun/sunos5.7
NVDsun/solaris2.6, 7.0+1

🔴Vulnerability Details

2
GHSA
GHSA-4c58-jfmw-xwq5: Buffer overflow in uum program for Canna input system allows local users to gain root privileges2022-04-30
CVEList
CVE-1999-0948: Buffer overflow in uum program for Canna input system allows local users to gain root privileges2000-02-04

💥Exploits & PoCs

1
Exploit-DB
IRIX 6.5 / Solaris 7.0 / Turbolinux 4.2 - 'uum' Local Buffer Overflow1999-11-02
CVE-1999-0948 — SGI Irix vulnerability | cvebase