PT-1993-1004 · Sun · Solaris+1

Published

1993-10-01

Updated

2018-10-30

CVE-1999-1137

CVSS v2.0

2.1

Low

Vector

AV:L/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Solaris versions 2.2 and earlier SunOS versions 4.1.x

Description The issue allows any local user to read from the /dev/audio device, potentially enabling an attacker to monitor conversations near a machine with a microphone.

Recommendations For Solaris versions 2.2 and earlier, consider restricting access to the /dev/audio device to prevent unauthorized reading. For SunOS versions 4.1.x, restrict access to the /dev/audio device to minimize the risk of exploitation. As a temporary workaround, consider disabling the microphone or restricting access to the /dev/audio device until a more permanent solution is available.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-1999-1137

Affected Products

Solaris

Sunos

PT-1993-1004 · Sun · Solaris+1

CVE-1999-1137

Related Identifiers

Affected Products

References · 5