Vulnerabilities > CVE-1999-1432 - Unspecified vulnerability in SUN Solaris and Sunos

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

sun

exploit available

NVD

Published: 1998-07-16

Updated: 2018-10-30

Summary

Power management (Powermanagement) on Solaris 2.4 through 2.6 does not start the xlock process until after the sys-suspend has completed, which allows an attacker with physical access to input characters to the last active application from the keyboard for a short period after the system is restoring, which could lead to increased privileges.

Vulnerable Configurations

Part	Description	Count
OS	Sun SUN Solaris 2.4 SUN Solaris 2.5 SUN Solaris 2.5.1 SUN Solaris 2.6 SUN Sunos - SUN Sunos 5.4 SUN Sunos 5.5 SUN Sunos 5.5.1	9

Exploit-Db

description	Sun Solaris 2.6 power management Vulnerability. CVE-1999-1432 . Local exploit for solaris platform
id	EDB-ID:19126
last seen	2016-02-02
modified	1998-07-16
published	1998-07-16
reporter	Ralf Lehmann
source	https://www.exploit-db.com/download/19126/
title	Sun Solaris <= 2.6 power management Vulnerability

Summary

Vulnerable Configurations

Exploit-Db

References