User Privilege Escalation in Solaris Solstice AdminSuite by Sun Microsystems
CVE-1999-1424

Currently unrated

Key Information:

Vendor: Oracle
Status: Solstice Adminsuite
Vendor: CVE Published:; 10 November 1997

What is CVE-1999-1424?

Solaris Solstice AdminSuite version 2.1 is affected by a vulnerability that involves unsafe permissions during the process of adding new users to the NIS+ password table. This flaw allows local users to manipulate their password table entries, potentially granting them unauthorized root access. Organizations using this software should take immediate steps to assess their systems for this issue and implement appropriate security measures to mitigate the risk.

References

http://www.securityfocus.com/bid/208

vdb-entryx_refsource_BID

http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&...

vendor-advisoryx_refsource_SUN

Timeline

Vulnerability Reserved
Aug 31, 2001
Vulnerability published
Nov 10, 1997

Oracle

What is CVE-1999-1424?

References

Timeline