CVE-1999-1142
First published: Wed May 27 1992(Updated: )
SunOS 4.1.2 and earlier allows local users to gain privileges via "LD_*" environmental variables to certain dynamically linked setuid or setgid programs such as (1) login, (2) su, or (3) sendmail, that change the real and effective user ids to the same user.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Sun SunOS | <=4.1.2 | |
| <=4.1.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-1999-1142?
CVE-1999-1142 is considered a high-severity vulnerability due to its potential for privilege escalation.
How do I fix CVE-1999-1142?
To fix CVE-1999-1142, upgrade SunOS to a version later than 4.1.2 which does not allow LD_* environmental variable exploitation.
Who is affected by CVE-1999-1142?
Local users on SunOS versions 4.1.2 and earlier can be affected by CVE-1999-1142.
What systems are vulnerable to CVE-1999-1142?
SunOS operating systems up to version 4.1.2 are vulnerable to CVE-1999-1142.
What are the implications of CVE-1999-1142?
The implications of CVE-1999-1142 include unauthorized privilege escalation, allowing local users to gain access to restricted functionalities.
- collector/nvd-historical
- collector/nvd-index
- agent/type
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/severity
- agent/remedy
- agent/references
- agent/description
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/last-modified-date
- agent/author
- agent/softwarecombine
- agent/event
- agent/tags
- agent/source
- vendor/sun
- canonical/sun sunos
- version/sun sunos/4.1.2