CVE-1999-1025

Published: Nov 12, 1998Modified: Apr 16, 2026

4.6

Vector

AV:L/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 3.9 / Impact: 6.4

Source: NVD

Description

CDE screen lock program (screenlock) on Solaris 2.6 does not properly lock an unprivileged user's console session when the host is an NIS+ client, which allows others with physical access to login with any string.

Affected (3)

Products: Sun: Solaris, Sunos

Sun

2 products

Solaris

Sunos

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Sun Solaris	Version 2.6
Sun Sunos	All versions
Sun Sunos	Version 5.6

References (6)

http://marc.info/?l=bugtraq&m=90831127921062&w=2

Source: cve@mitre.org

http://sunsolve.Sun.COM/pub-cgi/retrieve.pl?doc=fpatches%2F106027&zone_32=411568%2A%20

Source: cve@mitre.org

PatchVendor Advisory

http://www.securityfocus.com/bid/294

Source: cve@mitre.org

PatchVendor Advisory

http://marc.info/?l=bugtraq&m=90831127921062&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

http://sunsolve.Sun.COM/pub-cgi/retrieve.pl?doc=fpatches%2F106027&zone_32=411568%2A%20

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.securityfocus.com/bid/294

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

Timeline

No history available yet.