CVE-1999-1158
CVSS 2.0 Score 7.2 of 10 (high)
Details
Published May 13, 1997
Updated: Oct 30, 2018
Summary
CVE-1999-1158 is a critical buffer overflow vulnerability affecting Solaris 2.5.1, 2.5, and earlier versions. This issue lies in both the pluggable authentication module (PAM) and the unix_scheme in Solaris 2.4 and 2.3. Local users can exploit this flaw to elevate their privileges to root level. Programs using these vulnerable modules, such as passwd, yppasswd, and nispasswd, are at risk when processed by an attacker. Successful exploitation allows the attacker to gain root access, posing a severe threat to system security.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- SunOS
Affected Vendors
- Oracle Corp