CVE-1999-1142

Published: May 27, 1992Modified: Apr 16, 2026

7.2

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 3.9 / Impact: 10.0

Source: NVD

Description

SunOS 4.1.2 and earlier allows local users to gain privileges via "LD_*" environmental variables to certain dynamically linked setuid or setgid programs such as (1) login, (2) su, or (3) sendmail, that change the real and effective user ids to the same user.

Affected (1)

Products: Sun: Sunos

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Sun Sunos	Up to 4.1.2

References (6)

http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/116

Source: cve@mitre.org

http://www.cert.org/advisories/CA-1992-11.html

Source: cve@mitre.org

PatchThird Party AdvisoryUS Government Resource

https://exchange.xforce.ibmcloud.com/vulnerabilities/3152

Source: cve@mitre.org

http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/116

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.cert.org/advisories/CA-1992-11.html

Source: af854a3a-2127-422b-91ae-364da2661108

PatchThird Party AdvisoryUS Government Resource

https://exchange.xforce.ibmcloud.com/vulnerabilities/3152

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.