Lucene search

[email protected]CVE-1999-1158

HistoryMay 13, 1997 - 4:00 a.m.

CVE-1999-1158

1997-05-1304:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-1999-1158

buffer overflow

solaris 2.5.1

solaris 2.5

solaris 2.4

solaris 2.3

pam

unix_scheme

root privileges

nvd.

7.9 High

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

0.4%

JSON

Buffer overflow in (1) pluggable authentication module (PAM) on Solaris 2.5.1 and 2.5 and (2) unix_scheme in Solaris 2.4 and 2.3 allows local users to gain root privileges via programs that use these modules such as passwd, yppasswd, and nispasswd.

CPENameOperatorVersion
sun:sunossun sunoseq5.3
sun:sunossun sunoseq5.5
sun:sunossun sunoseq5.4
sun:sunossun sunoseq5.5.1

CPE	Name	Operator	Version
sun:sunos	sun sunos	eq	5.3
sun:sunos	sun sunos	eq	5.5
sun:sunos	sun sunos	eq	5.4
sun:sunos	sun sunos	eq	5.5.1

References

ftp://ftp.auscert.org.au/pub/auscert/advisory/AA-97.09.Solaris.passwd.buffer.overrun.vul

sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/139&type=0&nav=sec.sba

7.9 High

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

0.4%

JSON