Vulnerability Details : CVE-1999-1424
Solaris Solstice AdminSuite (AdminSuite) 2.1 uses unsafe permissions when adding new users to the NIS+ password table, which allows local users to gain root access by modifying their password table entries.
Exploit prediction scoring system (EPSS) score for CVE-1999-1424
Probability of exploitation activity in the next 30 days: 0.05%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 15 % EPSS Score History EPSS FAQ
CVSS scores for CVE-1999-1424
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
|---|---|---|---|---|---|
|
6.2
|
MEDIUM | AV:L/AC:H/Au:N/C:C/I:C/A:C |
1.9
|
10.0
|
NIST |
References for CVE-1999-1424
-
http://www.securityfocus.com/bid/208
Patch;Vendor Advisory
-
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/145
Patch;Vendor Advisory
Products affected by CVE-1999-1424
- cpe:2.3:a:sun:solstice_adminsuite:2.1:*:*:*:*:*:*:*
- cpe:2.3:a:sun:solstice_adminsuite:2.1:*:x86:*:*:*:*:*
- cpe:2.3:a:sun:solstice_adminsuite:2.2:*:*:*:*:*:*:*
- cpe:2.3:a:sun:solstice_adminsuite:2.2:*:x86:*:*:*:*:*