CVE-1999-1025Solaris vulnerability

3 documents3 sources
Severity
4.6MEDIUMNVD
EPSS
0.1%
top 77.56%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
SUN SolarisSUN Sunos
Timeline
PublishedNov 12
Latest updateApr 30

Description

CDE screen lock program (screenlock) on Solaris 2.6 does not properly lock an unprivileged user's console session when the host is an NIS+ client, which allows others with physical access to login with any string.

CVSS vector

AV:L/AC:L/C:P/I:P/A:PExploitability: 3.9 | Impact: 6.4

Affected Packages2 packages

NVDsun/solaris2.6
NVDsun/sunos5.6

Patches

Patch: sunsolve.sun.comPatch: www.securityfocus.comPatch: sunsolve.sun.com

🔴Vulnerability Details

2
GHSA
GHSA-8gcf-xxjr-4rj6: CDE screen lock program (screenlock) on Solaris 22022-04-30
CVEList
CVE-1999-1025: CDE screen lock program (screenlock) on Solaris 22001-09-12
CVE-1999-1025 — SUN Solaris vulnerability | cvebase