Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-1999-1191Improper Restriction of Operations within the Bounds of a Memory Buffer in Solaris

5 documents4 sources
Severity
7.2HIGHNVD
EPSS
1.1%
top 22.07%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
2
SUN SunosSUN Solaris
Timeline
PublishedMay 19
Latest updateMay 3

Description

Buffer overflow in chkey in Solaris 2.5.1 and earlier allows local users to gain root privileges via a long command line argument.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages2 packages

NVDsun/solaris2.4, 2.5, 2.5.1+2
NVDsun/sunos5.5.1+2

Patches

Patch: ftp.auscert.org.auPatch: sunsolve.sun.comPatch: www.securityfocus.com

🔴Vulnerability Details

2
GHSA
GHSA-3m7v-qh9p-4h46: Buffer overflow in chkey in Solaris 22022-05-03
CVEList
CVE-1999-1191: Buffer overflow in chkey in Solaris 22002-03-09

💥Exploits & PoCs

2
Exploit-DB
Solaris 2.5.0/2.5.1 ps / chkey - Data Buffer1997-05-19
Exploit-DB
Solaris 2.5.1 - 'chkey' Local Privilege Escalation1997-05-19
CVE-1999-1191 — SUN Solaris vulnerability | cvebase