CVE-1999-1425

CVSS 2.0 Score 6.2 of 10 (medium)

Details

Published Nov 10, 1997

Updated: Nov 20, 2024

Summary

CVE-1999-1425 is a vulnerability affecting Solaris Solstice AdminSuite (AdminSuite) version 2.1. The issue arises due to the incorrect file permission setting. Specifically, AdminSuite incorrectly grants write access to source files for NIS maps located in the /etc directory. Malicious local users can exploit this flaw to modify the /etc/passwd file, thereby gaining elevated privileges. This vulnerability poses a significant security risk and should be addressed promptly by updating to a patched version of Solaris Solstice AdminSuite.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Sun.

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/NWlWsC
https://www.cve.org/CVERecord?id=CVE-1999-1425
https://nvd.nist.gov/vuln/detail/CVE-1999-1425

Back to Vulnerability Database

CVE-1999-1425

CVSS 2.0 Score 6.2 of 10 (medium)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations