Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-1999-1402

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-1999-1402
Last Modified 05 Sep 2008 04:19:26
Published 17 May 1997 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-1999-1402

Summary

The access permissions for a UNIX domain socket are ignored in Solaris 2.x and SunOS 4.x, and other BSD-based operating systems before 4.4, which could allow local users to connect to the socket and possibly disrupt or control the operations of the program using that socket.

Vulnerable Systems

Operating System

  • Freebsd 2.2.2

  • Freebsd 2.2.3

  • Freebsd 2.2.4

  • Freebsd 2.2.5

  • Freebsd 2.2.6

  • Freebsd 2.2.8

  • Freebsd 3.0

  • Freebsd 3.1

  • Sun Solaris 2.0

  • Sun Solaris 2.5

  • Sun Solaris 2.5.1

  • Sun Solaris 2.6

  • Sunos 4.0


References

BID - 456

BUGTRAQ - 19971003 Solaris 2.6 and sockets

BUGTRAQ - 19970517 UNIX domain socket (Solarisx86 2.5)

XF - sun-domain-socket-permissions(7172)


Last Updated: 27 May 2016 10:35:24