Local Privilege Escalation in Solaris Solstice AdminSuite by Sun Microsystems
CVE-1999-1425

Currently unrated

Key Information:

Vendor: Oracle
Status: Solstice Adminsuite
Vendor: CVE Published:; 10 November 1997

What is CVE-1999-1425?

The Solaris Solstice AdminSuite 2.1 has a security misconfiguration that allows local users to modify important source files for NIS maps. By improperly setting write permissions on these files, malicious users can manipulate the /etc/passwd file, potentially leading to unauthorized privilege escalation and system compromise.

References

http://www.securityfocus.com/bid/208

vdb-entryx_refsource_BID

http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&...

vendor-advisoryx_refsource_SUN

Timeline

Vulnerability Reserved
Aug 31, 2001
Vulnerability published
Nov 10, 1997

Oracle

What is CVE-1999-1425?

References

Timeline