TILLBAKA TILL DASHBOARD

CVE-1999-1142

Källa: cve@mitre.org

UNKNOWN
7.2 CVSS Score

EXPLOTATION STATUS & MITIGATIONS

EXPLOIT STATUS
NO KNOWN EXPLOIT
REMEDIATION
PATCH AVAILABLE

PÅVERKADE KLIENTER/MJUKVARA

Sunos

BESKRIVNING

SunOS 4.1.2 and earlier allows local users to gain privileges via "LD_*" environmental variables to certain dynamically linked setuid or setgid programs such as (1) login, (2) su, or (3) sendmail, that change the real and effective user ids to the same user.

TEKNISK DATA

{
  "id": "CVE-1999-1142",
  "sourceIdentifier": "cve@mitre.org",
  "published": "1992-05-27T04:00:00.000",
  "lastModified": "2025-04-03T01:03:51.193",
  "vulnStatus": "Deferred",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "SunOS 4.1.2 and earlier allows local users to gain privileges via \"LD_*\" environmental variables to certain dynamically linked setuid or setgid programs such as (1) login, (2) su, or (3) sendmail, that change the real and effective user ids to the same user."
    }
  ],
  "metrics": {
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "baseScore": 7.2,
          "accessVector": "LOCAL",
          "accessComplexity": "LOW",
          "authentication": "NONE",
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "availabilityImpact": "COMPLETE"
        },
        "baseSeverity": "HIGH",
        "exploitabilityScore": 3.9,
        "impactScore": 10,
        "acInsufInfo": false,
        "obtainAllPrivilege": true,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": false
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:sun:sunos:*:*:*:*:*:*:*:*",
              "versionEndIncluding": "4.1.2",
              "matchCriteriaId": "B756EC9D-B72C-4A5F-9C17-A2F73583B7D2"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/116",
      "source": "cve@mitre.org"
    },
    {
      "url": "http://www.cert.org/advisories/CA-1992-11.html",
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Third Party Advisory",
        "US Government Resource"
      ]
    },
    {
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3152",
      "source": "cve@mitre.org"
    },
    {
      "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/116",
      "source": "af854a3a-2127-422b-91ae-364da2661108"
    },
    {
      "url": "http://www.cert.org/advisories/CA-1992-11.html",
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory",
        "US Government Resource"
      ]
    },
    {
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3152",
      "source": "af854a3a-2127-422b-91ae-364da2661108"
    }
  ]
}

Status

Vuln Status:Deferred
Publicerad:5/27/1992
Uppdaterad:4/3/2025

Vector String

AV:L/AC:L/Au:N/C:C/I:C/A:C
ÖPPNA I NVD