CVE-1999-1584

Name of the Vulnerable Software and Affected Versions: SunOS versions 4.1.1 through 4.1.3c Open Windows version 3.0

Description: A local issue in loadmodule and modload, if modload is installed with setuid/setgid privileges, allows users to gain root privileges via environment variables.

Recommendations: For SunOS versions 4.1.1 through 4.1.3c, consider removing setuid/setgid privileges from modload to prevent exploitation. For Open Windows 3.0, restrict the use of loadmodule and modload until a fix is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.