Insecure Lock File Creation in Solaris Solstice AdminSuite by Sun Microsystems
CVE-1999-1427

Currently unrated

Key Information:

Vendor: Oracle
Status: Solstice Adminsuite
Vendor: CVE Published:; 10 November 1997

What is CVE-1999-1427?

The Solaris Solstice AdminSuite versions 2.1 and 2.2 contain a vulnerability due to the insecure creation of lock files. This flaw enables local users to manipulate these files to escalate their privileges, potentially granting them unauthorized root access to the system. Proper validation and secure file handling practices should be implemented to mitigate this risk.

References

http://www.securityfocus.com/bid/208

vdb-entryx_refsource_BID

http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&...

vendor-advisoryx_refsource_SUN

Timeline

Vulnerability Reserved
Aug 31, 2001
Vulnerability published
Nov 10, 1997

Oracle

What is CVE-1999-1427?

References

Timeline