Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-1999-1021

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-1999-1021
Last Modified 05 Sep 2008 04:18:32
Published 30 Dec 1992 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-1999-1021

Summary

NFS on SunOS 4.1 through 4.1.2 ignores the high order 16 bits in a 32 bit UID, which allows a local user to gain root access if the lower 16 bits are set to 0, as fixed by the NFS jumbo patch upgrade.

Vulnerable Systems

Operating System

  • Sunos 4.1

  • Sunos 4.1.1

  • Sunos 4.1.2


References

CERT - CA-1992-15

BID - 47

SUN - 00117

XF - nfs-uid(82)


Last Updated: 27 May 2016 10:35:14