Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-1999-0949Improper Restriction of Operations within the Bounds of a Memory Buffer in Irix

4 documents4 sources
Severity
7.2HIGHNVD
EPSS
0.4%
top 37.70%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
4
SGI IrixSUN SolarisSUN Sunos+1 more
Timeline
PublishedNov 2
Latest updateApr 30

Description

Buffer overflow in canuum program for Canna input system allows local users to gain root privileges.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages4 packages

NVDsgi/irix5 versions+4
NVDsun/sunos5.7
NVDsun/solaris2.6, 7.0+1

🔴Vulnerability Details

2
GHSA
GHSA-h57x-v5j7-4f26: Buffer overflow in canuum program for Canna input system allows local users to gain root privileges2022-04-30
CVEList
CVE-1999-0949: Buffer overflow in canuum program for Canna input system allows local users to gain root privileges2000-02-04

💥Exploits & PoCs

1
Exploit-DB
Turbolinux 3.5 b2 - 'canuum' Local Buffer Overflow1999-11-02
CVE-1999-0949 — SGI Irix vulnerability | cvebase