CVE-1999-1021

CVSS 2.0 Score 7.2 of 10 (high)

Details

Published Dec 30, 1992

Updated: Nov 20, 2024

Summary

CVE-1999-1021 is a vulnerability affecting NFS (Network File System) on SunOS 4.1 through 4.1.2. The issue stems from the NFS server incorrectly interpreting user IDs (UIDs), ignoring the high order 16 bits and focusing solely on the lower 16 bits. This allows local users with UIDs set to 0 in the higher bits to gain root access. This vulnerability has been mitigated by implementing the NFS jumbo patch upgrade.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

SunOS

Affected Vendors

Oracle Corp

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/NWlUA8
https://www.cve.org/CVERecord?id=CVE-1999-1021
https://nvd.nist.gov/vuln/detail/CVE-1999-1021

Back to Vulnerability Database