Vulnerability Name: | CVE-1999-1586 (CCN-498) | ||||||||
Assigned: | 1995-10-01 | ||||||||
Published: | 1995-10-01 | ||||||||
Updated: | 2017-07-11 | ||||||||
Summary: | loadmodule in SunOS 4.1.x, as used by xnews, does not properly sanitize its environment, which allows local users to gain privileges, a different vulnerability than CVE-1999-1584. | ||||||||
CVSS v3 Severity: | 9.3 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
| ||||||||
CVSS v2 Severity: | 7.2 High (CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)
| ||||||||
Vulnerability Type: | CWE-Other | ||||||||
Vulnerability Consequences: | Gain Privileges | ||||||||
References: | Source: MITRE Type: CNA CVE-1999-0282 Source: MITRE Type: CNA CVE-1999-1586 Source: CCN Type: Sun Microsystems, Inc. Patch-ID 100448-03 OpenWindows 3.0: loadmodule Patch Source: CCN Type: Sun Microsystems, Inc. Security Bulletin #00114 Vulnerability with setuid program (loadmodule(8)) Source: CCN Type: Sun Microsystems, Inc. Security Bulletin #00124 New security patches for "loadmodule" and "modload" Source: CCN Type: CERT Advisory CA-1995-12 Sun 4.1.X Loadmodule Vulnerability Source: CERT Type: Patch, Third Party Advisory, US Government Resource CA-95.12 Source: CCN Type: CIAC Information Bulletin G-02 SunOS 4.1.X Loadmodule Vulnerability Source: CIAC Type: Patch, Vendor Advisory G-02 Source: CCN Type: OSVDB ID: 5860 SunOS loadmodule Path Environment Privilege Escalation Source: CCN Type: OSVDB ID: 5861 SunOS modload Root Privilege Escalation Source: CCN Type: OSVDB ID: 5899 SunOS loadmodule Double IFS Privilege Escalation Source: CCN Type: BID-33 OpenWindows loadmodule Vulnerability Source: XF Type: UNKNOWN sun-loadmodule(498) Source: XF Type: UNKNOWN sun-loadmodule(498) | ||||||||
Vulnerable Configuration: | Configuration 1: Configuration CCN 1: Denotes that component is vulnerable | ||||||||
BACK |