Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-1999-1432

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-1999-1432
Last Modified 10 Sep 2008 03:01:56
Published 16 Jul 1998 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-1999-1432

Summary

Power management (Powermanagement) on Solaris 2.4 through 2.6 does not start the xlock process until after the sys-suspend has completed, which allows an attacker with physical access to input characters to the last active application from the keyboard for a short period after the system is restoring, which could lead to increased privileges.

Vulnerable Systems

Operating System

  • Sun Solaris 2.4

  • Sun Solaris 2.5

  • Sun Solaris 2.5.1

  • Sun Solaris 2.6


References

BUGTRAQ - 19980716 Security risk with powermanagemnet on Solaris 2.6

BID - 160


Last Updated: 27 May 2016 10:35:26