Vulnerability Name: | CVE-1999-1297 (CCN-7482) | ||||||||
Assigned: | 1998-07-15 | ||||||||
Published: | 1998-07-15 | ||||||||
Updated: | 2018-10-30 | ||||||||
Summary: | cmdtool in OpenWindows 3.0 and XView 3.0 in SunOS 4.1.4 and earlier allows attackers with physical access to the system to display unechoed characters (such as those from password prompts) via the L2/AGAIN key. | ||||||||
CVSS v3 Severity: | 4.0 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
| ||||||||
CVSS v2 Severity: | 2.1 Low (CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N)
| ||||||||
Vulnerability Type: | CWE-Other | ||||||||
Vulnerability Consequences: | Obtain Information | ||||||||
References: | Source: MITRE Type: CNA CVE-1999-1297 Source: CCN Type: SunSolve Online Patch Access Web site cmdtool L2/AGAIN key displays unechoed characters Source: SUNBUG Type: Patch 1077164 Source: CCN Type: OSVDB ID: 8068 cmdtool L2/AGAIN Key Password Disclosure Source: XF Type: UNKNOWN sun-cmdtool-echo(7482) Source: XF Type: UNKNOWN sun-cmdtool-echo(7482) | ||||||||
Vulnerable Configuration: | Configuration 1: Configuration CCN 1: ![]() | ||||||||
BACK |