Local Vulnerability in SunOS and Open Windows Allows Privilege Escalation
CVE-1999-1584

Currently unrated

Key Information:

Vendor: Oracle
Status: Openwindows
Vendor: CVE Published:; 31 December 1999

What is CVE-1999-1584?

A local vulnerability exists in SunOS versions 4.1.1 through 4.1.3c and Open Windows 3.0, specifically in the loadmodule and modload functionalities when modload is configured with setuid/setgid permissions. This flaw allows local users to manipulate environment variables to potentially gain root privileges, exposing the system to unauthorized access and control. This threat emphasizes the need for system administrators to implement strict permission settings and monitor users' capabilities.

References

http://sunsolve.sun.com/search/document.do?assetkey=1-22-...

vendor-advisoryx_refsource_SUN

http://www.cert.org/advisories/CA-1993-18.html

third-party-advisoryx_refsource_CERT

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Aug 30, 2005
Vulnerability published
Dec 31, 1999

Oracle

What is CVE-1999-1584?

References

Timeline