Vulnerability Description
The access permissions for a UNIX domain socket are ignored in Solaris 2.x and SunOS 4.x, and other BSD-based operating systems before 4.4, which could allow local users to connect to the socket and possibly disrupt or control the operations of the program using that socket.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Freebsd | Freebsd | 2.2.2 |
| Sun | Solaris | 2.5 |
| Sun | Sunos | - |
References
- http://marc.info/?l=bugtraq&m=87602167418317&w=2
- http://marc.info/?l=bugtraq&m=87602248718482&w=2
- http://www.iss.net/security_center/static/7172.php
- http://www.securityfocus.com/bid/456ExploitPatchVendor Advisory
- http://marc.info/?l=bugtraq&m=87602167418317&w=2
- http://marc.info/?l=bugtraq&m=87602248718482&w=2
- http://www.iss.net/security_center/static/7172.php
- http://www.securityfocus.com/bid/456ExploitPatchVendor Advisory
FAQ
What is CVE-1999-1402?
CVE-1999-1402 is a vulnerability with a CVSS score of 2.1 (LOW). The access permissions for a UNIX domain socket are ignored in Solaris 2.x and SunOS 4.x, and other BSD-based operating systems before 4.4, which could allow local users to connect to the socket and p...
How severe is CVE-1999-1402?
CVE-1999-1402 has been rated LOW with a CVSS base score of 2.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-1999-1402?
Check the references section above for vendor advisories and patch information. Affected products include: Freebsd Freebsd, Sun Solaris, Sun Sunos.