Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-1999-1080

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-1999-1080
Last Modified 05 Sep 2008 04:18:40
Published 10 May 1995 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-1999-1080

Summary

rmmount in SunOS 5.7 may mount file systems without the nosuid flag set, contrary to the documentation and its use in previous versions of SunOS, which could allow local users with physical access to gain root privileges by mounting a floppy or CD-ROM that contains a setuid program and running volcheck, when the file systems do not have the nosuid option specified in rmmount.conf.

Vulnerable Systems

Operating System

  • Sunos 5.7


References

BUGTRAQ - 19990510 SunOS 5.7 rmmount, no nosuid.

BUGTRAQ - 19991011

XF - solaris-rmmount-gain-root(8350)

BID - 250


Last Updated: 27 May 2016 10:35:16