Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-1999-1158Improper Restriction of Operations within the Bounds of a Memory Buffer in Sunos

5 documents4 sources
Severity
7.2HIGHNVD
EPSS
0.3%
top 45.46%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
SUN Sunos
Timeline
PublishedMay 13
Latest updateMay 3

Description

Buffer overflow in (1) pluggable authentication module (PAM) on Solaris 2.5.1 and 2.5 and (2) unix_scheme in Solaris 2.4 and 2.3 allows local users to gain root privileges via programs that use these modules such as passwd, yppasswd, and nispasswd.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages1 packages

NVDsun/sunos4 versions+3

Patches

Patch: sunsolve.sun.comPatch: sunsolve.sun.com

🔴Vulnerability Details

2
GHSA
GHSA-m3h3-j5g8-pq9j: Buffer overflow in (1) pluggable authentication module (PAM) on Solaris 22022-05-03
CVEList
CVE-1999-1158: Buffer overflow in (1) pluggable authentication module (PAM) on Solaris 22001-09-12

💥Exploits & PoCs

2
Exploit-DB
Solaris 2.4 passwd / yppasswd / nispasswd - Local Overflow1997-07-12
Exploit-DB
Sun Solaris 2.5.1 PAM / unix_scheme - 'passwd' Local Privilege Escalation1997-02-25
CVE-1999-1158 — SUN Sunos vulnerability | cvebase