Vulnerabilities > CVE-1999-1025 - Unspecified vulnerability in SUN Solaris and Sunos

CVSS 4.6 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

local

low complexity

sun

NVD

Published: 1998-11-12

Updated: 2018-10-30

Summary

CDE screen lock program (screenlock) on Solaris 2.6 does not properly lock an unprivileged user's console session when the host is an NIS+ client, which allows others with physical access to login with any string.

Vulnerable Configurations

Part	Description	Count
OS	Sun SUN Solaris 2.6 SUN Sunos - SUN Sunos 5.6	3

References

http://marc.info/?l=bugtraq&m=90831127921062&w=2
http://sunsolve.Sun.COM/pub-cgi/retrieve.pl?doc=fpatches%2F106027&zone_32=411568%2A%20
http://www.securityfocus.com/bid/294