Sun Solaris 2.5/2.5.1/7.0 Setuid File rmmount.conf privileges management

entryeditHistoryDiffjsonxmlCTI

A vulnerability has been found in Sun Solaris 2.5/2.5.1/7.0 (Operating System) and classified as critical. This vulnerability affects an unknown part of the file rmmount.conf of the component Setuid File Handler. Upgrading eliminates this vulnerability.

Field06/17/2014 03:49 PM04/03/2019 02:25 PM
vendorSunSun
nameSolarisSolaris
version2.5/2.5.1/7.02.5/2.5.1/7.0
componentSetuid File HandlerSetuid File Handler
filermmount.confrmmount.conf
risk11
historic00
cvss2_vuldb_basescore7.27.2
cvss2_vuldb_tempscore5.35.3
cvss2_vuldb_avLL
cvss2_vuldb_acLL
cvss2_vuldb_auNN
cvss2_vuldb_ciCC
cvss2_vuldb_iiCC
cvss2_vuldb_aiCC
cvss3_meta_basescore8.48.4
cvss3_meta_tempscore7.37.3
cvss3_vuldb_basescore8.48.4
cvss3_vuldb_tempscore7.37.3
date800064000 (05/10/1995)800064000 (05/10/1995)
locationBugtraqBugtraq
typePostingPosting
urlhttp://marc.theaimsgroup.com/?l=bugtraq&m=92633694100270&w=2http://marc.theaimsgroup.com/?l=bugtraq&m=92633694100270&w=2
person_nameJonas StahreJonas Stahre
price_0day$5k-$25k$5k-$25k
price_trend--
nameUpgradeUpgrade
cveCVE-1999-1080CVE-1999-1080
xforce83508350
cvss3_vuldb_uiNN
cvss2_vuldb_eUU
cvss2_vuldb_rlOFOF
cvss2_vuldb_rcCC
cvss3_vuldb_eUU
cvss3_vuldb_rlOO
cvss3_vuldb_rcCC
cvss3_vuldb_avLL
cvss3_vuldb_acLL
cvss3_vuldb_prNN
cvss3_vuldb_sUU
cvss3_vuldb_cHH
cvss3_vuldb_iHH
cvss3_vuldb_aHH
typeOperating System
cvss2_nvd_avL
cvss2_nvd_acL
cvss2_nvd_auN
cvss2_nvd_ciC
cvss2_nvd_iiC
cvss2_nvd_aiC
cve_nvd_published800064000
cve_nvd_summaryrmmount in sunos 5.7 may mount file systems without the nosuid flag set contrary to the documentation and its use in previous versions of sunos which could allow local users with physical access to gain root privileges by mounting a floppy or cd-rom that contains a setuid program and running volcheck when the file systems do not have the nosuid option specified in rmmount.conf.
securityfocus250
securityfocus_date926294400 (05/10/1999)
securityfocus_classUnknown
securityfocus_titleSolaris rmmount Setuid Files Vulnerability
xforce_titleSun Solaris rmmount utility allows a local attacker to gain root privileges
xforce_identifiersolaris-rmmount-gain-root
cwe0269 (privilege escalation)

Do you know our Splunk app?

Download it now for free!