CVE-1999-1297

Name of the Vulnerable Software and Affected Versions OpenWindows versions 3.0 XView versions 3.0 in SunOS versions 4.1.4 and earlier

Description The issue allows attackers with physical access to the system to display unechoed characters, such as those from password prompts, via the L2/AGAIN key.

Recommendations For OpenWindows version 3.0, restrict physical access to the system to minimize the risk of exploitation. For XView version 3.0 in SunOS versions 4.1.4 and earlier, consider disabling the use of the L2/AGAIN key as a temporary workaround until a fix is available.