PT-1995-1021 · Sun · Sunos
Published: 1995-05-10 · Updated: 2018-05-03 · CVE-1999-1080
CVSS v2.0: 7.2 (High)
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
SunOS version 5.7
Description
The issue allows local users with physical access to potentially gain root privileges by mounting a floppy or CD-ROM that contains a setuid program and running volcheck. This occurs because rmmount in SunOS 5.7 may mount file systems without the nosuid flag set, contrary to the documentation and its use in previous versions of SunOS.
Recommendations
For SunOS version 5.7, ensure that the nosuid flag is set for all file systems in rmmount.conf to prevent the mounting of file systems with setuid programs. As a temporary workaround, consider restricting physical access to the system and avoiding the use of volcheck on untrusted file systems until the issue is resolved.
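An added example, not part of the original advisory: a shell function that audits an rmmount.conf for mount directives that lack nosuid. It assumes the `mount <media> <fs>... -o <options>` directive form described in rmmount.conf(4); the name audit_rmmount and both sample files are constructed for illustration, and a file with no mount directive at all is treated as a finding.

```shell
#!/bin/sh
# Added example: flag rmmount.conf "mount" directives without nosuid.
# Assumed directive form: mount <media> <fs>... -o <opt>[,<opt>...]

# Prints each offending directive as file:line: text.
# Returns 0 when every mount directive carries nosuid, 1 otherwise
# (including when the file has no mount directive at all).
audit_rmmount() {
    awk '
        NF == 0 || $1 ~ /^#/ { next }      # skip blank lines and comments
        $1 == "mount" {
            seen++
            ok = 0
            for (i = 2; i < NF; i++) {
                if ($i != "-o") continue
                n = split($(i + 1), opts, ",")
                for (j = 1; j <= n; j++)
                    if (opts[j] == "nosuid") ok = 1
            }
            if (!ok) { bad++; print FILENAME ":" FNR ": " $0 }
        }
        END {
            if (seen == 0) { print FILENAME ": no mount directive found"; exit 1 }
            exit (bad > 0)
        }
    ' "$1"
}

# Constructed sample files (not taken from a real system).
tmp=$(mktemp -d)
trap 'rm -rf "$tmp"' EXIT
cat > "$tmp/weak.conf" <<'EOF'
# constructed sample: the floppy/ufs directive omits nosuid
ident hsfs ident_hsfs.so cdrom
mount cdrom hsfs -o nosuid
mount floppy ufs -o ro
EOF
cat > "$tmp/hardened.conf" <<'EOF'
# constructed sample: one directive covers all media with nosuid
ident hsfs ident_hsfs.so cdrom
mount * hsfs ufs -o nosuid
EOF

for f in "$tmp/weak.conf" "$tmp/hardened.conf"; do
    if audit_rmmount "$f"; then echo "$f: OK"; else echo "$f: FAIL"; fi
done
```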
Fix
Related Identifiers
Affected Products
Sunos