CVE-1999-1142

CVSS 2.0 Score 7.2 of 10 (high)

Details

Published May 27, 1992

Updated: Nov 20, 2024

Summary

CVE-1999-1142 is a vulnerability affecting SunOS 4.1.2 and earlier versions. This issue grants local users the ability to elevate privileges by manipulating "LD_*" environmental variables in certain setuid or setgid programs, such as login, su, and sendmail. By altering the real and effective user ids to match a valid user, attackers can execute commands with elevated privileges. This vulnerability poses a significant security risk as it allows unauthorized access to system functions and sensitive data.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

SunOS

Affected Vendors

Oracle Corp

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/NWlMNI
https://www.cve.org/CVERecord?id=CVE-1999-1142
https://nvd.nist.gov/vuln/detail/CVE-1999-1142

Back to Vulnerability Database