Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-1999-1402Solaris vulnerability

4 documents4 sources
Severity
2.1LOWNVD
EPSS
0.3%
top 49.56%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
3
FreebsdSUN SolarisSUN Sunos
Timeline
PublishedMay 17
Latest updateApr 30

Description

The access permissions for a UNIX domain socket are ignored in Solaris 2.x and SunOS 4.x, and other BSD-based operating systems before 4.4, which could allow local users to connect to the socket and possibly disrupt or control the operations of the program using that socket.

CVSS vector

AV:L/AC:L/C:N/I:P/A:NExploitability: 3.9 | Impact: 2.9

Affected Packages2 packages

NVDsun/sunos4 versions+3
NVDsun/solaris2.5, 2.5.1, 2.6+2

Also affects: Freebsd 2.2.2, 2.2.3, 2.2.4, 2.2.5, 2.2.6, 2.2.8, 3.0, 3.1

Patches

Patch: www.securityfocus.comPatch: www.securityfocus.com

🔴Vulnerability Details

2
GHSA
GHSA-rq2v-6234-j5f5: The access permissions for a UNIX domain socket are ignored in Solaris 22022-04-30
CVEList
CVE-1999-1402: The access permissions for a UNIX domain socket are ignored in Solaris 22002-03-09

💥Exploits & PoCs

1
Exploit-DB
FreeBSD 3.1 / Solaris 2.6 - Domain Socket1997-06-19
CVE-1999-1402 — SUN Solaris vulnerability | cvebase