CVE-1999-1025

CVSS 2.0 Score 4.6 of 10 (medium)

Details

Published Nov 12, 1998

Updated: Nov 20, 2024

Summary

CVE-1999-1025 is a vulnerability affecting the CDE screen lock program, specifically on Solaris 2.6 systems that function as NIS+ clients. This issue arises due to the screenlock utility's inability to securely lock an unprivileged user's console session. Consequently, individuals with physical access to the system can bypass the lock screen and gain unauthorized access by entering any arbitrary string as the password.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Sun Solaris
SunOS

Affected Vendors

Oracle Corp
Sun.

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/NWlQ3Z
https://www.cve.org/CVERecord?id=CVE-1999-1025
https://nvd.nist.gov/vuln/detail/CVE-1999-1025

Back to Vulnerability Database