exploitDog

CVE-1999-1142

Опубликовано: 27 мая 1992

Источник: nvd

CVSS2: 7.2

EPSS Низкий

Описание

SunOS 4.1.2 and earlier allows local users to gain privileges via "LD_*" environmental variables to certain dynamically linked setuid or setgid programs such as (1) login, (2) su, or (3) sendmail, that change the real and effective user ids to the same user.

Ссылки

http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/116
http://www.cert.org/advisories/CA-1992-11.html
Patch
Third Party Advisory
US Government Resource
https://exchange.xforce.ibmcloud.com/vulnerabilities/3152
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/116
http://www.cert.org/advisories/CA-1992-11.html
Patch
Third Party Advisory
US Government Resource
https://exchange.xforce.ibmcloud.com/vulnerabilities/3152

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:sun:sunos:*:*:*:*:*:*:*:*

Версия до 4.1.2 (включая)

EPSS

Процентиль: 33%

0.00125

Низкий

7.2 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-wx92-67c9-p24w

github

около 3 лет назад

SunOS 4.1.2 and earlier allows local users to gain privileges via "LD_*" environmental variables to certain dynamically linked setuid or setgid programs such as (1) login, (2) su, or (3) sendmail, that change the real and effective user ids to the same user.

EPSS

Процентиль: 33%

0.00125

Низкий

7.2 High

CVSS2

Дефекты

NVD-CWE-Other