PT-1989-1001 · Sun · Rcp+1
Published
1989-10-26
·
Updated
2025-04-03
·
CVE-1999-1467
CVSS v2.0
10
High
| Vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
rcp on SunOS version 4.0.x
Description
The issue allows remote attackers from trusted hosts to execute arbitrary commands as root. This is possibly related to the configuration of the
nobody user.Recommendations
For SunOS version 4.0.x, consider restricting access to the rcp command until a proper configuration or fix is applied, focusing on securing the
nobody user configuration to prevent exploitation.Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Sunos
Rcp