CVE-1999-1021 — Sunos vulnerability

4 documents4 sources

Severity

7.2HIGHNVD

EPSS

0.1%

top 75.66%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

SUN Sunos

Timeline

PublishedDec 30

Latest updateApr 16

Description

NFS on SunOS 4.1 through 4.1.2 ignores the high order 16 bits in a 32 bit UID, which allows a local user to gain root access if the lower 16 bits are set to 0, as fixed by the NFS jumbo patch upgrade.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages1 packages

▶NVDsun/sunos4.1, 4.1.1, 4.1.2+2

Patches

Patch: sunsolve.sun.com ↗Patch: www.cert.org ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

VulDB

Sun SunOS 4.1/4.1.1/4.1.2 NFS uid Local Privilege Escalation (CA-1992-15 / XFDB-82)↗2026-04-16

▶

GHSA

GHSA-5xf6-9pfj-rr6g: NFS on SunOS 4↗2022-04-30

▶

CVEList

CVE-1999-1021: NFS on SunOS 4↗2002-03-09

▶