CVE-1999-1142Sunos vulnerability

4 documents4 sources
Severity
7.2HIGHNVD
EPSS
0.1%
top 68.23%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
SUN Sunos
Timeline
PublishedMay 27
Latest updateApr 16

Description

SunOS 4.1.2 and earlier allows local users to gain privileges via "LD_*" environmental variables to certain dynamically linked setuid or setgid programs such as (1) login, (2) su, or (3) sendmail, that change the real and effective user ids to the same user.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages1 packages

NVDsun/sunos4.1.2

Patches

Patch: www.cert.orgPatch: www.cert.org

🔴Vulnerability Details

3
VulDB
Sun SunOS 4.1.2 Sendmail Environment Variable privileges management (CA-1992-11 / XFDB-3152)2026-04-16
GHSA
GHSA-wx92-67c9-p24w: SunOS 42022-04-30
CVEList
CVE-1999-1142: SunOS 42002-03-09
CVE-1999-1142 — SUN Sunos vulnerability | cvebase