UNIX Domain Socket Permission Flaw in Solaris and BSD-based Systems
CVE-1999-1402

Currently unrated

Key Information:

Vendor: FreeBSD
Status: FreeBSD; Solaris; Sunos
Vendor: CVE Published:; 17 May 1997

What is CVE-1999-1402?

The access permissions for UNIX domain sockets in Solaris 2.x and SunOS 4.x, along with certain earlier BSD-based systems, are improperly configured. This allows local users to establish connections to the socket, potentially enabling them to disrupt or gain control over the operations of any program utilizing that socket. Such flaws can lead to unauthorized access and manipulation, posing significant risks to system security and integrity.

References

http://www.iss.net/security_center/static/7172.php

vdb-entryx_refsource_XF

http://www.securityfocus.com/bid/456

vdb-entryx_refsource_BID

http://marc.info/?l=bugtraq&m=87602248718482&w=2

mailing-listx_refsource_BUGTRAQ

Timeline

Vulnerability Reserved
Aug 31, 2001
Vulnerability published
May 17, 1997

FreeBSD

What is CVE-1999-1402?

References

Timeline