CVE-1999-1158

CVSS 2.0 Score 7.2 of 10 (high)

Details

Published May 13, 1997

Updated: Nov 20, 2024

Summary

CVE-1999-1158 refers to a buffer overflow vulnerability affecting Solaris 2.5.1, 2.5, 2.4, and 2.3. This issue lies in the pluggable authentication module (PAM) and the unix_scheme. Local users are able to exploit these vulnerabilities and acquire root privileges when using programs such as passwd, yppasswd, and nispasswd. Such exploitation occurs due to insufficient bounds checking in the input validation, leading to an overflow in a buffer. This vulnerability poses a significant risk, as successful attacks can result in complete system compromise.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

SunOS

Affected Vendors

Oracle Corp

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/NWlRJU
https://www.cve.org/CVERecord?id=CVE-1999-1158
https://nvd.nist.gov/vuln/detail/CVE-1999-1158

Back to Vulnerability Database