CVE-1999-1424 — MEDIUM (6.2)

Vulnerability Description

Solaris Solstice AdminSuite (AdminSuite) 2.1 uses unsafe permissions when adding new users to the NIS+ password table, which allows local users to gain root access by modifying their password table entries.

CVSS Score

6.2

MEDIUM

AV:L/AC:H/Au:N/C:C/I:C/A:C

Confidentiality

COMPLETE

Integrity

COMPLETE

Availability

COMPLETE

Affected Products

Vendor	Product	Versions
Sun	Solstice Adminsuite	2.1

References

http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/145PatchVendor Advisory
http://www.securityfocus.com/bid/208PatchVendor Advisory
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/145PatchVendor Advisory
http://www.securityfocus.com/bid/208PatchVendor Advisory

FAQ

What is CVE-1999-1424?

CVE-1999-1424 is a vulnerability with a CVSS score of 6.2 (MEDIUM). Solaris Solstice AdminSuite (AdminSuite) 2.1 uses unsafe permissions when adding new users to the NIS+ password table, which allows local users to gain root access by modifying their password table en...

How severe is CVE-1999-1424?

CVE-1999-1424 has been rated MEDIUM with a CVSS base score of 6.2/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-1999-1424?

Check the references section above for vendor advisories and patch information. Affected products include: Sun Solstice Adminsuite.